Common Information
Type Value
Value Malware - T1587.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may develop malware and malware components that can be used during targeting. Building malicious software can include the development of payloads, droppers, post-compromise tools, backdoors (including backdoored images), packers, C2 protocols, and the creation of infected removable media. Adversaries may develop malware to support their operations, creating a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors.(Citation: Mandiant APT1)(Citation: Kaspersky Sofacy)(Citation: ActiveMalwareEnergy)(Citation: FBI Flash FIN7 USB) As with legitimate development efforts, different skill sets may be required for developing malware. The skills needed may be located in-house, or may need to be contracted out. Use of a contractor may be considered an extension of that adversary's malware development capabilities, provided the adversary plays a role in shaping requirements and maintains a degree of exclusivity to the malware. Some aspects of malware development, such as C2 protocol development, may require adversaries to obtain additional infrastructure. For example, malware developed to communicate with Twitter for C2 may require use of [Web Services](https://attack.mitre.org/techniques/T1583/006).(Citation: FireEye APT29)
Details Published Attributes CTI Title
Details Website 2754-08-03 37 Virus Bulletin :: VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis native library
Details Website 2574-01-02 0 Editors Picks, Apps We Recommend | TechSpot
Details Website 2061-05-15 4 Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution
Details Website 2050-08-03 29 Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com
Details Website 2044-04-01 13 Attackers Repurposing existing Python-based Malware for Distribution on NPM
Details Website 2035-08-05 23 Inside Jahoo (Otlard.A ?) - A spam Botnet
Details Website 2035-01-01 216 UNKNOWN
Details Website 2028-10-24 0 MIT Technology Review Insights Survey on Zero Trust in Cybersecurity
Details Website 2028-02-03 0 Zemana Anti Malware: Best Premium & Free Malware Removal Software
Details Website 2025-11-07 1 Vault7 - Home
Details Website 2024-12-30 27 Interlab 인터랩 | Cyber Threat Report: RambleOn Android Malware
Details Website 2024-12-29 2 Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D
Details Website 2024-12-19 17 Silent Push uncovers a large Russian Ursnif/Gozi banking trojan operation targeting global AnyDesk users. — Silent Push Threat Intelligence
Details Website 2024-12-17 1 Log4shell: a threat intelligence perspective — Silent Push Threat Intelligence
Details Website 2024-12-13 17 Rhysida Ransomware analysis - A painful sting to Insomniac Games — ShadowStackRE
Details Website 2024-12-11 0 "Passwort" Folge 20: Pacific Rim - Hackback nach China
Details Website 2024-12-11 3 Chrome Security Update, Patch For Multiple Vulnerabilities
Details Website 2024-12-11 17 Decrypting Full Disk Encryption with Dissect
Details Website 2024-12-11 60 Attack Exploiting Legitimate Service by APT-C-60
Details Website 2024-12-11 0 December 2024 Patch Tuesday: 16 Critical and One Zero-Day Among 71 Vulnerabilities
Details Website 2024-12-11 0 Cloud Logs: The Unsung Heroes of Detection and Response
Details Website 2024-12-11 0 Foundation of IT Knowledge: A Beginner’s Guide
Details Website 2024-12-11 4 WPForms Vulnerability Let Users Issues Subscription Payments
Details Website 2024-12-11 2 What is Cybersecurity? Different Types of Cybersecurity
Details Website 2024-12-11 0 Ransomware: Understanding the Growing Threat to Your Digital Security