It's rather hard to understand if malware channel works on KATA Sandbox or not. Here's a simple and reliable way of doing it.

Step-by-step guide

1. Create a .bat script with commands that you would normally execute in console to check internet connection - like ping or tracert, - and redirect commands output to file. Here's the example of such script.
2. Upload this script to Storage and wait for it to be scanned:
   
3. After the scan completes, download debug info with scan results.
4. Unpack scan results using the password 'infected' without quotes.
5. In folder task0 or folder task1, rename the file internal_tracing_report to internal_tracing_report.zip and unpack it.
   
6. Open the file files.list with notepad and note the name of file that you used for commands output redirection (results.txt in our example script)
   
7. Open the file with notepad to see the command results:
   
8. Done! You will see the output of ping/tracert commands. In our example, ping command succeeded, but tracert failed with DNS problems, which means malware channel does not work properly and detection rate will be significantly decreased.

How to test DNS on malware channel

There is also an option to test DNS without running samples in Sandbox. Sandbox server uses core DNS servers in the wild web, not the ones specified in WebUI. DNS servers are accessed by VMs via local unbound server, which attempts to run DNS queries via internet interface.

Interface namespace may be different, so in order to identify yours execute (after identifying proper dom* name execute command above):

Example:

First, you need to jump to internet interface's namespace:

Then, test name resolution via local DNS server:

Example:

You can also test pings same way: