Stealth Malware Taxonomy

Malware Types

All malware samples should be classified into one of the categories listed in the table below.

Type 0
No OS or system compromise. The malware runs as a normal user process using only official API calls.
Type I
The malware modifies constant sections of the kernel and/or processes, such as code sections.
Type II
The malware does not modify constant sections, only the dynamic sections of the kernel and/or processes, such as data sections.
Type III
The malware does not modify any sections of the kernel and/or processes but influences the system without modifying the OS, for example by using hardware virtualization techniques.

Machine-parsable Stealth Malware Taxonomy

The repository contains a JSON file that lists the machine-parsable tags along with their human-readable descriptions. Software can show either representation in the user interface and store the tag in its machine-parsable form.

stealth_malware:type="II"
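
A consumer of these tags can validate a stored tag and resolve it to its description before display. The following is an added example, not code from the repository: the JSON layout in `TAXONOMY_JSON` is a constructed stand-in (the real file's keys are not shown on this page), the descriptions are shortened from the table above, and the function names are hypothetical.

```python
import json
import re

# Constructed stand-in for the repository's JSON file; the key layout is an
# assumption. Descriptions are shortened from the table on this page.
TAXONOMY_JSON = """
{
  "namespace": "stealth_malware",
  "predicate": "type",
  "values": {
    "0": "No OS or system compromise; normal user process, official API calls only.",
    "I": "Modifies constant sections of the kernel and/or processes (e.g. code).",
    "II": "Modifies only dynamic sections of the kernel and/or processes (e.g. data).",
    "III": "Modifies no sections; influences the system without modifying the OS."
  }
}
"""

# namespace:predicate="value", the shape of the tag shown on this page.
TAG_RE = re.compile(r'([a-z0-9_-]+):([a-z0-9_-]+)="([^"]*)"')


def load_taxonomy(text):
    return json.loads(text)


def parse_tag(tag, taxonomy):
    """Return (value, description) for a valid tag, else raise ValueError."""
    m = TAG_RE.fullmatch(tag.strip())
    if not m:
        raise ValueError(f"not a machine tag: {tag!r}")
    namespace, predicate, value = m.groups()
    if (namespace, predicate) != (taxonomy["namespace"], taxonomy["predicate"]):
        raise ValueError(f"unknown namespace/predicate in {tag!r}")
    # Type values are compared case-sensitively: "ii" is not "II".
    if value not in taxonomy["values"]:
        raise ValueError(f"unknown type {value!r}")
    return value, taxonomy["values"][value]


def classify(tags, taxonomy):
    """Split stored tags into {tag: description} and a list of rejected tags."""
    ok, rejected = {}, []
    for tag in tags:
        try:
            ok[tag] = parse_tag(tag, taxonomy)[1]
        except ValueError:
            rejected.append(tag)
    return ok, rejected
```

Rejecting malformed or unknown tags at ingestion keeps free-text variants such as `type=II` or `type="ii"` from silently fragmenting searches over classified samples.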

Based on:

https://vxheaven.org/lib/pdf/Introducing%20Stealth%20Malware%20Taxonomy.pdf