Malware is software specifically designed to perform malicious actions. Malware may disrupt, damage, or provide unauthorized access to a computer system.
Malware is used both maliciously by criminals and legitimately by authorized personnel to test an organization's security controls.
Links to this note
- .debug_info section used for attribution
- Agent.BTZ
- anti-analysis
- anti-malware
- anti-sandbox
- anti-virus
- backdoor
- binary analysis
- botnet
- Buckshot Yankee
- Compiler Options - Anti-Reversing
- ComRAT
- covert channel
- credential stealer
- curl | sh
- DefenderCheck
- dropper
- elfmaster
- file infector
- fileless malware
- fingerprint
- GReAT
- Hell's Gate
- hooks
- Kaiten malware
- keylogger
- LD_PRELOAD
- Linux Malware
- loader
- log wiper
- LOLBin
- malware development
- malware family
- malware propagation
- malware replacing legitimate system components
- malware setting files as immutable or append only
- matryoshka obfuscation
- memory forensics
- mod_backdoor
- Moonlight Maze samples
- multiplatform malware
- old malware
- packer
- pamgoesrogue-sharma2003
- PE entry redirection
- Penguin Turla
- Persistence
- Process Injection
- quarantine
- Ransomware
- RC4
- remediation
- Remote Access Trojan
- rootkit
- rootkits hiding CPU usage
- sample
- SecureList
- SHA256
- shellcode
- signature (anti-virus)
- Skidmap Indicators of Compromise (IoCs)
- Skidmap malware
- SmokeLoader
- Software Exploits
- spyware
- stack strings
- string obfuscation
- tapi32d.exe
- teensy ELF files
- ThreatCheck
- TLS directory injection
- TLS takes precedence over main()
- trojan
- typecli.exe
- userland exec
- Virtual Machine Detection
- virus (computer)
- VirusTotal
- VX
- VX Heaven
- watering hole attack
- worm
- xor string obfuscation
- XORDDOS malware
- YARA