Common Information
Value: Malware - T1587.001
Category: Attack-Pattern
Type: Mitre-Attack-Pattern
MISP Type: Cluster
Description: Adversaries may develop malware and malware components that can be used during targeting. Building malicious software can include the development of payloads, droppers, post-compromise tools, backdoors (including backdoored images), packers, C2 protocols, and the creation of infected removable media. Adversaries may develop malware to support their operations, creating a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors.(Citation: Mandiant APT1)(Citation: Kaspersky Sofacy)(Citation: ActiveMalwareEnergy)(Citation: FBI Flash FIN7 USB) As with legitimate development efforts, different skill sets may be required for developing malware. The skills needed may be located in-house, or may need to be contracted out. Use of a contractor may be considered an extension of that adversary's malware development capabilities, provided the adversary plays a role in shaping requirements and maintains a degree of exclusivity to the malware. Some aspects of malware development, such as C2 protocol development, may require adversaries to obtain additional infrastructure. For example, malware developed to communicate with Twitter for C2 may require the use of [Web Services](https://attack.mitre.org/techniques/T1583/006).(Citation: FireEye APT29)
| Type | Published | Attributes | CTI Title |
| --- | --- | --- | --- |
| Website | 2754-08-03 | 37 | Virus Bulletin :: VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis native library |
| Website | 2574-01-02 | 0 | Editors Picks, Apps We Recommend \| TechSpot |
| Website | 2061-05-15 | 4 | Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution |
| Website | 2050-08-03 | 29 | Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com |
| Website | 2044-04-01 | 13 | Attackers Repurposing existing Python-based Malware for Distribution on NPM |
| Website | 2035-08-05 | 23 | Inside Jahoo (Otlard.A ?) - A spam Botnet |
| Website | 2035-01-01 | 216 | UNKNOWN |
| Website | 2030-03-02 | 20 | APT QUARTERLY HIGHLIGHTS - Q3 : 2023 - CYFIRMA |
| Website | 2028-10-24 | 0 | MIT Technology Review Insights Survey on Zero Trust in Cybersecurity |
| Website | 2028-02-03 | 0 | Zemana Anti Malware: Best Premium & Free Malware Removal Software |
| Website | 2025-11-07 | 1 | Vault7 - Home |
| Website | 2025-09-05 | 0 | New LevelBlue Threat Trends Report gives critical insights… |
| Website | 2025-09-01 | 0 | How ThreatConnect and Polarity Empower Teams to Combat Phishing Threats \| ThreatConnect |
| Website | 2025-07-02 | 13 | Inside a Malware Campaign: A Nigerian Hacker's Perspective – CyberArmor |
| Website | 2025-04-05 | 15 | Shellcode Encoded in UUIDs - SANS Internet Storm Center |
| Website | 2025-04-05 | 22 | Python Bot Delivered Through DLL Side-Loading - SANS Internet Storm Center |
| Website | 2025-03-24 | 5 | FBI warnings are true—fake file converters do push malware - PRSOL:CC |
| Website | 2025-03-24 | 0 | Tesla owners' details doxxed online on a website called 'dogequest' |
| Website | 2025-03-24 | 0 | Microsoft Trusted Signing service abused to code-sign malware - PRSOL:CC |
| Website | 2025-03-24 | 2 | The Power of Simplicity: Why LevelBlue's Partner Program Makes Cybersecurity Easier for MSPs and MSSPs |
| Website | 2025-03-24 | 2 | ISC Stormcast For Monday, March 24th, 2025 https://isc.sans.edu/podcastdetail/9376, (Mon, Mar 24th) |
| Website | 2025-03-24 | 0 | Oracle Cloud denies data breach claims of 6 million data files leak - Cybersecurity Insiders |
| Website | 2025-03-23 | 0 | Building the SOC of the Future - JP Bourget - ESW #399 |
| Website | 2025-03-23 | 2 | SECURITY AFFAIRS MALWARE NEWSLETTER – ROUND 38 |
| Website | 2025-03-23 | 5 | Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION |