Common Information
Type Value
Value Malware - T1587.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may develop malware and malware components that can be used during targeting. Building malicious software can include the development of payloads, droppers, post-compromise tools, backdoors (including backdoored images), packers, C2 protocols, and the creation of infected removable media. Adversaries may develop malware to support their operations, creating a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors. (Citation: Mandiant APT1)(Citation: Kaspersky Sofacy)(Citation: ActiveMalwareEnergy)(Citation: FBI Flash FIN7 USB) As with legitimate development efforts, different skill sets may be required for developing malware. The skills needed may be located in-house, or may need to be contracted out. Use of a contractor may be considered an extension of that adversary's malware development capabilities, provided the adversary plays a role in shaping requirements and maintains a degree of exclusivity to the malware. Some aspects of malware development, such as C2 protocol development, may require adversaries to obtain additional infrastructure. For example, malware developed to communicate with Twitter for C2 may require use of [Web Services](https://attack.mitre.org/techniques/T1583/006). (Citation: FireEye APT29)
Details Published Attributes CTI Title
Details Website 2754-08-03 37 Virus Bulletin :: VB2018 paper: Unpacking the packed unpacker: reversing an Android anti-analysis native library
Details Website 2574-01-02 0 Editors Picks, Apps We Recommend | TechSpot
Details Website 2061-05-15 4 Flash Notice: Critical Linux Kernel Vulnerability Can Lead to Remote Code Execution
Details Website 2050-08-03 29 Kiddoware Kids Place Parental Control Android App 3.8.49 XSS / CSRF / File Upload - CXSecurity.com
Details Website 2044-04-01 13 Attackers Repurposing existing Python-based Malware for Distribution on NPM
Details Website 2035-08-05 23 Inside Jahoo (Otlard.A ?) - A spam Botnet
Details Website 2035-01-01 216 UNKNOWN
Details Website 2028-10-24 0 MIT Technology Review Insights Survey on Zero Trust in Cybersecurity
Details Website 2028-02-03 0 Zemana Anti Malware: Best Premium & Free Malware Removal Software
Details Website 2025-11-07 1 Vault7 - Home
Details Website 2024-12-30 27 Interlab 인터랩 | Cyber Threat Report: RambleOn Android Malware
Details Website 2024-12-29 2 Cobalt Strike DFIR: Listening to the Pipes — Blake's R&D
Details Website 2024-12-19 17 Silent Push uncovers a large Russian Ursnif/Gozi banking trojan operation targeting global AnyDesk users. — Silent Push Threat Intelligence
Details Website 2024-12-17 1 Log4shell: a threat intelligence perspective — Silent Push Threat Intelligence
Details Website 2024-12-13 17 Rhysida Ransomware analysis - A painful sting to Insomniac Games — ShadowStackRE
Details Website 2024-12-09 0 Black Hat
Details Website 2024-12-06 8 Qilin Ransomware malware analysis — ShadowStackRE
Details Website 2024-12-03 48 Privacy tools (not) for you — Silent Push Threat Intelligence
Details Website 2024-11-26 33 LostTrust Ransomware - Trust nothing — ShadowStackRE
Details Website 2024-11-17 1 Can Vpns Be Hacked? — Comprehensive Guide And FAQs
Details Website 2024-11-17 0 Buffer Overflow
Details Website 2024-11-17 0 Phishing emails increasingly use SVG attachments to evade detection
Details Website 2024-11-17 0 In AI era, cybersecurity management will remain human-centric
Details Website 2024-11-17 10 Shamoon Malware
Details Website 2024-11-17 0 "Navigating the future of digital security: How evolving threats, advanced AI, and new protection…