malware campaign
A malware campaign is a time-bounded activity cluster, using similar techniques against a set of targets.
malware capabilities
Malware may have one or more capabilities such as file upload or download, command execution, cryptography, module support, …
Many of these ...
malware checking for installed software
Malware often checks for the existence of non-security software.
For example, a credential stealer may search for different web browsers, ...
malware checking for known malware
Many strains of malware, particularly credential harvesters, botnets, and cryptocurrency miners, will run checks for other similar malware as part of ...
malware checking for security software
Malware often attempts to determine if security tools or reverse engineering software is running on a host as a defensive measure. The malware, if it ...
malware development
Malware development is the process of creating malware using software development practices.
malware disabling SELinux
Some Linux malware, such as the Skidmap malware, will disable SELinux by running commands such as:
echo 0 > /selinux/enforce
setenforce 0 ...
malware disguising User-Agent strings
Often, malware or malicious actors will change the values of their User-Agent to circumvent security measures or avoid fingerprinting by security ...
malware family
A malware family is a group of malware that shares similar traits and a common code base.
malware gathering system information
Malware often gathers information about a system such as its physical specs, networking configuration, operating system name and version, process ...