Attackers will not only go back and delete their malware files after they achieve their goals, but they may even build in a self-delete function into their malware. They may remove dropper files, batch files, and other tools that would tip you off to their activities. Attackers will often use native system tools to perform this deletion, making it very tricky to detect and mitigate.
You'll want to learn more about this adversary behavior so you know how to detect and mitigate it.
Get the hands-on skills you need to detect and mitigate this attack in Cybrary's MITRE ATT&CK Framework courses aligned to the tactics and techniques used by the financially motivated threat group Prophet Spider. Prevent adversaries from accomplishing the tactic of Defense Evasion in your environment today.
