https://github.com/qeeqbox/malware-and-indicators-of-compromise



### Malware

A file or code with malicious intent

* * *

### Malware Analysis

The process of determining the behavior, purpose and origin of a malware sample

#### Types

* Static Analysis
  * Collecting information about a malware file without running it (Usually companies use this first, then switch to Dynamic)
  * Signature based (Fast)
* Dynamic Analysis
  * Collecting information about a malware file while running it
  * Behavior based (Slower)
* Hybrid Analysis
  * Collecting information about a malware file with and without running it

* * *

### Indicator of Compromise (IoC)

Detection based on information about an attack after it happens (reactive approach; any digital or physical evidence; static)

* Signatures
* IP address
* Hashes

* * *

### Malware Classifications

Malware classifications and families are defined by companies (There is no specific model/framework used)

* * *

### net.worm

A malicious file that spreads using exploits

#### Example

* Sasser

* * *

### email.worm

A malicious file that spreads using email

#### Example

* Brontok

* * *

### irc.worm

A malicious file that spreads using IRC

#### Example

* Adrenaline

* * *

### trojan.banker

A malicious file that steals bank credentials

#### Example

* Panda

* * *

### trojan.game

A malicious file that steals game credentials

#### Example

* Magania

* * *

### trojan.ppi

A malicious file that steals personal info

#### Example

* Fareit

* * *

### trojan.spy

A malicious file that uses a keylogger

#### Example

* Zeus

* * *

### trojan.ransom

A malicious file that encrypts files

#### Example

* Petya

* * *

### trojan.proxy

A malicious file that has proxy functionality

* * *

### trojan.sms

A malicious file that sends SMS messages

#### Example

* Fakeinst

* * *

### trojan.clicker

A malicious file that uses clicking to boost rank

* * *

### trojan.ddos

A malicious file that has flood attack capability

#### Example

* Kozog

* * *

### trojan.dropper

A malicious file that drops files

#### Example

* Autoit

* * *

### trojan.downloader

A malicious file that downloads files

#### Example

* Andromeda

* * *

### trojan.backdoor

A malicious file that provides unauthorized access

#### Example

* DarkKomet

* * *

### trojan

A malicious file that does not perform any of the previous actions

* * *

### hacktool

Software that is used to perform malicious actions

#### Example

* KMSAuto

* * *

### rootkit

A malicious file that modifies system applications or kernel code (It can alter the entire operating system)

#### Example

* Rovnix

* * *

### riskware

Software that performs a specific function

* * *

### fakeware

Hoax software that tricks users into thinking it is legitimate software

* * *

### adware

Software that displays advertisements