Common Information
Type | Value |
---|---|
Value | Malware - T1587.001 |
Category | Attack-Pattern |
Type | Mitre-Attack-Pattern |
Misp Type | Cluster |
Description | Adversaries may develop malware and malware components that can be used during targeting. Building malicious software can include the development of payloads, droppers, post-compromise tools, backdoors (including backdoored images), packers, C2 protocols, and the creation of infected removable media. Adversaries may develop malware to support their operations, creating a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors.(Citation: Mandiant APT1)(Citation: Kaspersky Sofacy)(Citation: ActiveMalwareEnergy)(Citation: FBI Flash FIN7 USB) As with legitimate development efforts, different skill sets may be required for developing malware. The skills needed may be located in-house, or may need to be contracted out. Use of a contractor may be considered an extension of that adversary's malware development capabilities, provided the adversary plays a role in shaping requirements and maintains a degree of exclusivity to the malware. Some aspects of malware development, such as C2 protocol development, may require adversaries to obtain additional infrastructure. For example, malware developed that will communicate with Twitter for C2, may require use of [Web Services](https://attack.mitre.org/techniques/T1583/006).(Citation: FireEye APT29) |
Details | Published | Attributes | CTI | Title | ||
---|---|---|---|---|---|---|
Details | Website | 2754-08-03 | 37 | Virus Bulletin :: VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis native library | ||
Details | Website | 2574-01-02 | 0 | Editors Picks, Apps We Recommend | TechSpot | ||
Details | Website | 2061-05-15 | 4 | Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution | ||
Details | Website | 2050-08-03 | 29 | Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com | ||
Details | Website | 2044-04-01 | 13 | Attackers Repurposing existing Python-based Malware for Distribution on NPM | ||
Details | Website | 2035-08-05 | 23 | Inside Jahoo (Otlard.A ?) - A spam Botnet | ||
Details | Website | 2035-01-01 | 216 | UNKNOWN | ||
Details | Website | 2028-10-24 | 0 | MIT Technology Review Insights Survey on Zero Trust in Cybersecurity | ||
Details | Website | 2028-02-03 | 0 | Zemana Anti Malware: Best Premium & Free Malware Removal Software | ||
Details | Website | 2025-11-07 | 1 | Vault7 - Home | ||
Details | Website | 2024-12-30 | 27 | Interlab 인터랩 | Cyber Threat Report: RambleOn Android Malware | ||
Details | Website | 2024-12-29 | 2 | Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D | ||
Details | Website | 2024-12-19 | 17 | Silent Push uncovers a large Russian Ursnif/Gozi banking trojan operation targeting global AnyDesk users. — Silent Push Threat Intelligence | ||
Details | Website | 2024-12-17 | 1 | Log4shell: a threat intelligence perspective — Silent Push Threat Intelligence | ||
Details | Website | 2024-12-13 | 17 | Rhysida Ransomware analysis - A painful sting to Insomniac Games — ShadowStackRE | ||
Details | Website | 2024-12-11 | 0 | "Passwort" Folge 20: Pacific Rim - Hackback nach China | ||
Details | Website | 2024-12-11 | 3 | Chrome Security Update, Patch For Multiple Vulnerabilities | ||
Details | Website | 2024-12-11 | 17 | Decrypting Full Disk Encryption with Dissect | ||
Details | Website | 2024-12-11 | 60 | Attack Exploiting Legitimate Service by APT-C-60 | ||
Details | Website | 2024-12-11 | 0 | December 2024 Patch Tuesday: 16 Critical and One Zero-Day Among 71 Vulnerabilities | ||
Details | Website | 2024-12-11 | 0 | Cloud Logs: The Unsung Heroes of Detection and Response | ||
Details | Website | 2024-12-11 | 0 | Foundation of IT Knowledge: A Beginner’s Guide | ||
Details | Website | 2024-12-11 | 4 | WPForms Vulnerability Let Users Issues Subscription Payments | ||
Details | Website | 2024-12-11 | 2 | What is Cybersecurity? Different Types of Cybersecurity | ||
Details | Website | 2024-12-11 | 0 | Ransomware: Understanding the Growing Threat to Your Digital Security |