Show in Graph
Common Information
Type Value
Value 
Malware - T1587.001
Category Attack-Pattern
Type Mitre-Attack-Pattern
Misp Type Cluster
Description Adversaries may develop malware and malware components that can be used during targeting. Building malicious software can include the development of payloads, droppers, post-compromise tools, backdoors (including backdoored images), packers, C2 protocols, and the creation of infected removable media. Adversaries may develop malware to support their operations, creating a means for maintaining control of remote machines, evading defenses, and executing post-compromise behaviors.(Citation: Mandiant APT1)(Citation: Kaspersky Sofacy)(Citation: ActiveMalwareEnergy)(Citation: FBI Flash FIN7 USB) As with legitimate development efforts, different skill sets may be required for developing malware. The skills needed may be located in-house, or may need to be contracted out. Use of a contractor may be considered an extension of that adversary's malware development capabilities, provided the adversary plays a role in shaping requirements and maintains a degree of exclusivity to the malware. Some aspects of malware development, such as C2 protocol development, may require adversaries to obtain additional infrastructure. For example, malware developed that will communicate with Twitter for C2, may require use of [Web Services](https://attack.mitre.org/techniques/T1583/006).(Citation: FireEye APT29)
Details Published Attributes CTI Title
Details Website 2008-06-12 0 New Zlob Trojan Alters Your Router Settings - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-06-09 4 Who's behind the GPcode ransomware?
Details Website 2008-06-04 12 New Rustock Switches to Hotmail
Details Website 2008-05-18 2 Rustock.C – Unpacking a Nested Doll
Details Website 2008-05-16 17 Downloader.Win32.Small OR Win32/PolyCrypt Reversing
Details Website 2008-05-15 0 Giving SQL Injection the Respect it Deserves - Microsoft Security Blog
Details Website 2008-05-15 1 New Botnet Malware Spreading SQL Injection Attack Tool - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-05-14 9 Indictments reveal $77 Million in Illegal Pill Sales
Details Website 2008-04-08 0 Kraken Botnet Twice The Size Of Storm - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-04-01 4 Countdown to RSA Conference 2008 - Microsoft Security Blog
Details Website 2008-03-03 0 New Sophisticated Botnets Discovered - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-02-17 0 Eeye BinDiffing Trick
Details Website 2008-02-15 1 Virus Bulletin :: Phishers phishing phishers' phishes
Details Website 2008-02-01 0 German Police Creating Law Enforcement Trojan - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-01-17 0 New Rootkits Infecting the MBR - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2008-01-11 49 New IRS Virus page taxes users
Details Website 2008-01-02 1 Nugache - The Next Big Storm? - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2007-12-27 0 Whitetrash - Dynamic Web White-listing for Squid - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2007-12-19 0 Virus Bulletin :: Magic lanterns shine at terrorists
Details Website 2007-12-16 28 Pushdo - Analysis of a Modern Malware Distribution System
Details Website 2007-12-04 5 Inside the "Ron Paul" Spam Botnet
Details Website 2007-12-01 8 [Malware] Backdoor.Win32.Rbot.clj Reversing
Details Website 2007-11-29 8 Russian Malware, Welcome to Texas!
Details Website 2007-11-19 0 The World's Biggest Botnets - Peer to Peer - Darknet - Hacking Tools, Hacker News & Cyber Security
Details Website 2007-11-01 10 Ron Paul spam and Online Support