misp-taxonomies/malware_classification
V d0f01210c8
Update machinetag.json
Added Zombieware category, malware that has been abandoned by its operators, and despite being abandoned, new replications of the malware continue to appear in the wild.
2024-04-29 09:50:35 +00:00
README.md add Botnet to malware_classification:malware-category 2016-08-12 10:29:28 +02:00
machinetag.json Update machinetag.json 2024-04-29 09:50:35 +00:00

README.md

Malware Classification

Malware Categories

All malware samples should be classified into one of the categories listed in the table below.

Virus
Worm
Trojan
Ransomware
Rootkit
Downloader
Adware
Spyware
Botnet

Obfuscation Classification

All malware samples should be classified into one of the categories listed in the table below.

| Tag | Description |
|---|---|
| no-obfuscation | No obfuscation is used |
| encryption | encryption |
| oligomorphism | oligomorphism |
| metamorphism | metamorphism |
| stealth | stealth |
| armouring | armouring |
| encryption | encryption |
| tunneling | tunneling |
| XOR | XOR |
| BASE64 | BASE64 |
| ROT13 | ROT13 |

## Payload Classification

Memory Classification

Machine-parsable Malware Classification

The repository contains a JSON file with the machine-parsable tags and their human-readable descriptions. Software can show either representation in the user interface and store the tag in its machine-parsable form.

malware_classification:malware-category="virus"
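
A tag of this form can be checked before it is stored or shared. The following is an added example, not code from this repository: it parses the `namespace:predicate="value"` form shown above and checks one sample's tags against the category list in this README. It assumes that values are matched case-insensitively (the README shows only `"virus"`) and that "one of the categories" means exactly one `malware-category` tag per sample; the function names are hypothetical.

```python
import re

NAMESPACE = "malware_classification"
# namespace:predicate="value"; the ="value" part is optional in a machine tag.
TAG_RE = re.compile(r'^([a-z0-9_-]+):([a-z0-9_-]+)(?:="([^"]*)")?$')

# Categories as listed in this README (lowercased; an assumption of this example).
CATEGORIES = {
    "virus", "worm", "trojan", "ransomware", "rootkit",
    "downloader", "adware", "spyware", "botnet",
}


def parse_machine_tag(tag):
    """Return (namespace, predicate, value) or None if the tag is malformed."""
    m = TAG_RE.match(tag.strip())
    return m.groups() if m else None


def check_sample(tags):
    """Return a list of problems with one sample's tags; empty means acceptable."""
    problems = []
    categories = []
    for tag in tags:
        # Free-text tags and tags from other taxonomies are out of scope here.
        if not tag.strip().startswith(NAMESPACE + ":"):
            continue
        parsed = parse_machine_tag(tag)
        if parsed is None:
            problems.append(f"malformed tag: {tag!r}")
            continue
        _, predicate, value = parsed
        if predicate != "malware-category":
            continue  # other predicates are not covered by this example
        if value is None or value.lower() not in CATEGORIES:
            problems.append(f"unknown category: {value!r}")
        else:
            categories.append(value.lower())
    if len(categories) != 1:
        problems.append(
            f"expected exactly one malware-category tag, found {len(categories)}"
        )
    return problems


if __name__ == "__main__":
    # Constructed sample input: one valid tag set and one with an unquoted value.
    print(check_sample(['malware_classification:malware-category="virus"']))
    print(check_sample(['malware_classification:malware-category=virus']))
```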

Based on:

https://www.sans.org/reading-room/whitepapers/incident/malware-101-viruses-32848