misp-taxonomies/malware_classification
Raphaël Vinot 3099290e4c JQ all the things 2017-02-13 12:02:51 +01:00

# Malware Classification

## Malware Categories

All malware samples should be classified into one of the categories listed in the table below.

| Category |
|---|
| Virus |
| Worm |
| Trojan |
| Ransomware |
| Rootkit |
| Downloader |
| Adware |
| Spyware |
| Botnet |

## Obfuscation Classification

All malware samples should be classified into one of the categories listed in the table below.

| Value | Description |
|---|---|
| no-obfuscation | No obfuscation is used |
| encryption | encryption |
| oligomorphism | oligomorphism |
| metamorphism | metamorphism |
| stealth | stealth |
| armouring | armouring |
| tunneling | tunneling |
| XOR | XOR |
| BASE64 | BASE64 |
| ROT13 | ROT13 |

## Payload Classification

## Memory Classification

## Machine-parsable Malware Classification

The repository contains a JSON file including the machine-parsable tags along with their human-readable description. Software can use both representations in the user interface and store the tag in its machine-parsable form.

malware_classification:malware-category="virus"
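
The following is an added example, not code from this repository: a small validator that parses tags of the shape shown above, rejects anything outside the category list, and returns the human-readable label for display. The function names are hypothetical, and the machine values are assumed to be the lowercased category names, as in the `"virus"` example.

```python
import re

# Machine-tag shape used on this page: namespace:predicate="value"
TAG_RE = re.compile(r'([a-z0-9_-]+):([a-z0-9_-]+)="([^"]+)"')
NAMESPACE = "malware_classification"
# Human-readable names from the README list; machine values are assumed
# to be the lowercased names, matching the page's "virus" example.
CATEGORIES = ["Virus", "Worm", "Trojan", "Ransomware", "Rootkit",
              "Downloader", "Adware", "Spyware", "Botnet"]
TAXONOMY = {"malware-category": {name.lower(): name for name in CATEGORIES}}


def parse_tag(tag):
    """Split a machine tag into (namespace, predicate, value) or raise ValueError."""
    m = TAG_RE.fullmatch(tag.strip())
    if not m:
        raise ValueError(f"not a machine tag: {tag!r}")
    return m.groups()


def describe(tag):
    """Validate a tag against the taxonomy and return its human-readable label."""
    namespace, predicate, value = parse_tag(tag)
    if namespace != NAMESPACE:
        raise ValueError(f"foreign namespace: {namespace!r}")
    if predicate not in TAXONOMY:
        raise ValueError(f"unknown predicate: {predicate!r}")
    if value not in TAXONOMY[predicate]:
        raise ValueError(f"unknown value for {predicate}: {value!r}")
    return TAXONOMY[predicate][value]


def triage(tags):
    """Sort tags into accepted (tag -> label) and rejected (tag -> reason)."""
    accepted, rejected = {}, {}
    for tag in tags:
        try:
            accepted[tag] = describe(tag)
        except ValueError as exc:
            rejected[tag] = str(exc)
    return accepted, rejected


if __name__ == "__main__":
    sample = [  # constructed input
        'malware_classification:malware-category="virus"',
        'malware_classification:malware-category="Virus"',
        'malware_classification:malware-category=worm',
    ]
    print(triage(sample))
```

Storing only tags that pass `describe` keeps free-text variants such as `"Virus"` or unquoted values out of the data set, so later searches on the machine tag match every sample in a category.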

Based on:

https://www.sans.org/reading-room/whitepapers/incident/malware-101-viruses-32848