History

Alexandre Dulaunoy 6f141c736c chg: [malware_classification] add `Stalkerware` from #275		2024-03-13 16:39:04 +01:00
..
README.md	add Botnet to malware_classification:malware-category	2016-08-12 10:29:28 +02:00
machinetag.json	chg: [malware_classification] add `Stalkerware` from #275	2024-03-13 16:39:04 +01:00

README.md

Malware Classification

Malware Categories

All malware samples should be classified into one of the categories listed in the table below.

Virus
Worm
Trojan
Ransomware
Rootkit
Downloader
Adware
Spyware
Botnet

Obfuscation Classification

All malware samples should be classified into one of the categories listed in the table below.

no-obfuscation: No obfuscation is used
encryption: encryption
oligomorphism: oligomorphism
metamorphism: metamorphism
stealth: stealth
armouring: armouring
encryption: encryption
tunneling: tunneling
XOR: XOR
BASE64: BASE64
ROT13: ROT13

## Payload Classification

Memory Classification

Machine-parsable Malware Classification

The repository contains a JSON file including the machine-parsable tags along with their human-readable description. The software can use both representation on the user-interface and store the tag as machine-parsable.

malware_classification:malware-category="virus"

Based on:

https://www.sans.org/reading-room/whitepapers/incident/malware-101-viruses-32848