Feature | Feature category |
---|---|
.cerber | File extension |
.enc | |
.lukitus | File extension |
AES encryption | Encryption |
AOL password theft | Data theft |
Affiliation | Commercial model |
Anti-virus blocking | Armor |
Anti-virus checking | Criminal services |
Anti-virus uninstall | Armor |
ApacheKiller | Denial of service |
Armadillo | Packers |
Automated transfer system (ATS) | Injections |
BIOS installation | Rootkit |
Backconnect server | Backdoors |
Backdoor | Backdoors |
Bandwidth flood | Denial of service |
Banking credential theft | Data theft |
Base64 encoding | Encoding |
Bebo password theft | Data theft |
Bitcoin mining | Resource exploitation |
Bitcoin payment | Monetization |
Bitcoin wallet theft | Data theft |
Booter | Denial of service |
Bootkit | Rootkit |
Browse file systems | Data theft |
Browser password theft | Data theft |
Brute-force | Distribution vector |
Bullet-proof hosting | Criminal services |
CAPTCHA display to solve | Resource exploitation |
Camera capture | Audio visual |
Carding | Criminal services |
Certificate theft | Data theft |
Check CPU name in registry | Armor |
Chrome browser extension | Data theft |
Click fraud | Resource exploitation |
Command shell | Remote control |
Component Object Model (COM) | Tunnel |
Contact theft | Data theft |
Cookie theft | Data theft |
Credit card checking | Criminal services |
Credit card data theft | Data theft |
Cross-infection | Potency |
Custom C&C encryption algorithm | Encryption |
Custom XOR-based encryption | Encryption |
Custom encryption algorithm | Encryption |
Custom packer | Packers |
DDoS | Denial of service |
DNS blocking of AV companies | Armor |
DNS configuration modification | Traffic hijacking techniques |
DNS hijack | Traffic hijacking techniques |
Data compression | Encoding |
Data theft | Data theft |
Debugging | Maintenance |
Debugging detection | Armor |
Decryption of locked files | Annoyance |
Diffie-Hellman | Encryption |
Disable network adapters | Annoyance |
Display advertising pop-ups | Monetization |
Display pop-up message | Annoyance |
Document theft | Data theft |
Domain generation algorithm | DNS and URL features |
Double fastflux | DNS and URL features |
Dynamic DNS | DNS and URL features |
Dynamic webinject configuration update | Injections |
Elliptic curve encryption | Encryption |
Email harvesting | Data theft |
Email password theft | Data theft |
Email surveillance | Interception |
Email worm | Distribution vector |
Encrypt MFT | Annoyance |
Encrypt files | Annoyance |
Encrypt without C&C connection | Annoyance |
Encryption of captured data | Encryption |
Enigma | Packers |
Erase files | Annoyance |
Exchange | Criminal services |
FTP client password theft | Data theft |
FTP password theft | Data theft |
Facebook password theft | Data theft |
Facebook vector | Distribution vector |
Fast flux | DNS and URL features |
File download | Remote control |
File execute | Remote control |
File theft | Data theft |
File upload | Remote control |
FileZilla password theft | Data theft |
Firefox cookie theft | Data theft |
Firefox password theft | Data theft |
Form data theft | Data theft |
Forum | Criminal services |
Friendster password theft | Data theft |
GET flood | Denial of service |
GRE flood | Denial of service |
Geolocalisation | Maintenance |
Gmail spam | Spam |
HTTP flood | Denial of service |
HTTP password theft | Data theft |
HTTP proxy | Proxy |
Handle generation algorithm | DNS and URL features |
Hidden file storage | Armor |
Hosts modification | Traffic hijacking techniques |
IM password theft | Data theft |
IM surveillance | Interception |
Internet Explorer password theft | Data theft |
JDownloader password theft | Data theft |
JPEG encoding | Encoding |
Java Signed Applet Social Engineering Code Execution | Injections |
Javascript injection | Injections |
Keylogger | Interception |
Kill system processes | Remote control |
Kit | Commercial model |
Launch delay | Armor |
Layer 7 attack | Denial of service |
Lock system | Annoyance |
Logging | Maintenance |
Luhn algorithm check | Data validation |
MBR installation | Rootkit |
MBR overwrite | Annoyance |
MSN vector | Distribution vector |
MTAN interception | Interception |
Mail client password theft | Data theft |
Mailslot | Tunnel |
Man in the browser | Injections |
Memory scraping | Data theft |
Microphone capture | Audio visual |
MoneXy payment | Monetization |
Monitor mouse events | Armor |
Mozilla Sqlite data theft | Data theft |
Mozilla browser extension | Browser extensions |
Netcat | Backdoors |
Netflix password theft | Data theft |
Network information gathering | Maintenance |
Network sniffing | Interception |
Open website in browser | Annoyance |
Outlook password theft | Data theft |
POP3 password theft | Data theft |
POST flood | Denial of service |
Password theft | Data theft |
Pay-per-install | Criminal services |
Paypal password theft | Data theft |
Pharming | Traffic hijacking techniques |
Phishing | Spam |
Phone home | Maintenance |
Pidgin password theft | Data theft |
Polymorphism | Armor |
Pop-up | Annoyance |
Port scanning | Maintenance |
Premium SMS | Monetization |
Premium calls | Monetization |
Premium services | Monetization |
Produce spam from templates | Spam |
Proxy | Proxy |
Query system processes | Remote control |
RC4 encryption | Encryption |
RDP vector | Distribution vector |
Register as print processor | Armor |
Regular expression filtering | Data validation |
Remote control | Remote control |
Removable drive vector | Distribution vector |
Removal of competing malware | Armor |
Right-to-left override | Distribution vector |
Rootkit | Rootkit |
Run commands | Remote control |
SMS interception | Interception |
SMS payment | Monetization |
SMS spam | Spam |
SOCKS | Proxy |
SOCKS5 | Proxy |
SPDY grabbing | Interception |
SQL Injection | Distribution vector |
SYN flood | Denial of service |
Screen capture | Audio visual |
Search results manipulation | Traffic hijacking techniques |
Send spam | Spam |
Sendspace password theft | Data theft |
Server-side polymorphism | Armor |
Shared drive vector | Distribution vector |
Skype surveillance | Interception |
Skype vector | Distribution vector |
Slow POST | Denial of service |
Slowloris | Denial of service |
Social network vector | Distribution vector |
Software ID theft | Data theft |
Startpage modification | Traffic hijacking techniques |
Steganography | Encryption |
Store data in ADS | Armor |
String stacking | Armor |
System information gathering | Maintenance |
TCP flood | Denial of service |
TDS | Criminal services |
TELock | Packers |
Themida | Packers |
Torrent vector | Distribution vector |
Traffic distribution service | Criminal services |
Twitter password theft | Data theft |
Twofish encryption | Encryption |
UDP flood | Denial of service |
UPX Packing | Packers |
UPX Protector | Packers |
URL redirection | Traffic hijacking techniques |
USB vector | Distribution vector |
Uninstall | Maintenance |
Update | Maintenance |
Upload minidump | Maintenance |
VMProtect | Obfuscators |
VNC password theft | Data theft |
VNC server | Backdoors |
Video screen capture | Audio visual |
Virtual machine detection | Armor |
Visual Basic crypter | Packers |
Vkontakte password theft | Data theft |
Voice-over-IP surveillance | Interception |
Web password theft | Data theft |
Web server | Resource exploitation |
Webinject | Injections |
Windows products ID theft | Data theft |
Winpcap interception | Interception |
WoW password theft | Data theft |
Worm | Distribution vector |
XOR encoding | Encoding |
YIM vector | Distribution vector |