{ "namespace": "threatmatch-malware-types", "expanded": "Malware Types for Sharing into ThreatMatch and MISP", "version": 1, "description": "The ThreatMatch Malware types are applicable for any ThreatMatch instances and should be used for all CIISI and TIBER Projects.", "refs": [ "https://www.secalliance.com/platform/", "https://www.ecb.europa.eu/press/pr/date/2020/html/ecb.pr200227_1~062992656b.en.html" ], "predicates": [ { "value": "malware_type", "expanded": "Malware type" } ], "values": [ { "predicate": "malware_type", "entry": [ { "value": "Adware", "expanded": "Adware" }, { "value": "Backdoor", "expanded": "Backdoor" }, { "value": "Banking Trojan", "expanded": "Banking Trojan" }, { "value": "Botnet", "expanded": "Botnet" }, { "value": "Destructive", "expanded": "Destructive" }, { "value": "Downloader", "expanded": "Downloader" }, { "value": "Exploit Kit", "expanded": "Exploit Kit" }, { "value": "Fileless Malware", "expanded": "Fileless Malware" }, { "value": "Keylogger", "expanded": "Keylogger" }, { "value": "Legitimate Tool", "expanded": "Legitimate Tool" }, { "value": "Mobile Application", "expanded": "Mobile Application" }, { "value": "Mobile Malware", "expanded": "Mobile Malware" }, { "value": "Point-of-Sale (PoS)", "expanded": "Point-of-Sale (PoS)" }, { "value": "Remote Access Trojan", "expanded": "Remote Access Trojan" }, { "value": "Rootkit", "expanded": "Rootkit" }, { "value": "Skimmer", "expanded": "Skimmer" }, { "value": "Spyware", "expanded": "Spyware" }, { "value": "Surveillance Tool", "expanded": "Surveillance Tool" }, { "value": "Trojan", "expanded": "Trojan" }, { "value": "Virus", "expanded": "Virus " }, { "value": "Worm", "expanded": "Worm" }, { "value": "Zero-day", "expanded": "Zero-day" }, { "value": "Unknown", "expanded": "Unknown" } ] } ] }