3,697 indexed
SOFTWARESoftware & malware
3,697 tools and malware families — MITRE ATT&CK Software plus the wider cs-graph malware corpus. Use /search for keyword + ID lookup. Authored by Adam Lundqvist.
Showing 401–450 of 3,697 · page 9 of 74
| ID | Title | Summary |
|---|---|---|
| CADELSPY | Cadelspy | |
| CAESAR-RAT | Caesar RAT | Caesar is an HTTP-based RAT that allows you to remotely control devices directly from your browser. |
| CAINXPII | CainXPii | Ransomware |
| CALENDAR | CALENDAR | This family of malware uses Google Calendar to retrieve commands and send results. It retrieves event feeds associated with Google Calendar, where each event c… |
| CANCER-RANSOMWARE-FAKE | Cancer Ransomware FAKE | It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. This is a … |
| CARDINAL | Cardinal | Cardinal is a remote access trojan (RAT) discovered by Palo Alto Networks in 2017 and has been active for over two years. It is delivered via a downloader, kno… |
| CARDINAL-RAT | Cardinal RAT | Palo Alto Networks has discovered a previously unknown remote access Trojan (RAT) that has been active for over two years. It has a very low volume in this two… |
| CARNA | Carna | The Carna botnet was a botnet of 420,000 devices created by an anonymous hacker to measure the extent of the Internet. The data was collected by infiltrating I… |
| CARP-DOWNLOADER | Carp Downloader | In 2017, Unit 42 reported on and analyzed a low-volume malware family called Cardinal RAT. This malware family had remained undetected for over two years and w… |
| CASA-RAT | Casa RAT | |
| CASPER | Casper | |
| CASSETTO-RANSOMWARE | Cassetto Ransomware | Michael Gillespie saw an encrypted file uploaded to ID Ransomware that appends the .cassetto extension and drops a ransom note named IMPORTANT ABOUT DECRYPT.tx… |
| CATB | catb | CatB ransomware was first observed in late 2022, gaining attention for abusing DLL hijacking via the Microsoft Distributed Transaction Coordinator (MSDTC) serv… |
| CATDDOS | CatDDoS | |
| CATERPILLAR-WEBSHELL | Caterpillar WebShell | |
| CCECRYPT | CCECrypt | ransomware |
| CECBOT | CECbot | CECbot: Android TV botnet with HDMI-CEC abuse, successor to Katana |
| CECILIO | cecilio | CatDDoS derivative with modified RC4 cipher, OpenNIC C2 |
| CENTRAL-SECURITY-TREATMENT-ORGANIZATION | Central Security Treatment Organization | Ransomware |
| CEPHALO | Cephalo | Ransomware |
| CEPHALUS | cephalus | |
| CERBER | Cerber | Ransomware |
| CERBERIMPOSTER | cerberimposter | Cerber Imposer is a post-2019 rebrand of the Cerber ransomware family, resurfacing in late 2021 with updated targeting of enterprise environments. Unlike its c… |
| CERBEROS | Cerberos | Ransomware |
| CERBERSYSLOCK | cerbersyslock | CerBerSysLock first appeared in December 2017 as a cryptoransomware imposter, leveraging Cerber-style branding to deceive victims. It uses XOR-based encryption… |
| CERBERTEAR-RANSOMWARE | CerberTear Ransomware | This is most likely to affect English speaking users, since the note is written in English. English is understood worldwide, thus anyone can be harmed. The hac… |
| CERBERUS-RAT | Cerberus RAT | |
| CERTMIG | CertMig | Legitimate tool - command-line tool used to import and export certificates on a machine. The attackers use this toolto gather credentials used for VPN authenti… |
| CHAINLINE | CHAINLINE | CHAINLINE is a Python webshell backdoor that is embedded in a Ivanti Connect Secure Python package that enables arbitrary command execution./nCHAINLINE was ide… |
| CHAINSHOT | Chainshot | The new piece of malware, which received the name Chainshot, is used in the early stages of an attack to activate a downloader for the final payload in a malic… |
| CHALUBO | Chalubo | Since early September, SophosLabs has been monitoring an increasingly prolific attack targeting Internet-facing SSH servers on Linux-based systems that has bee… |
| CHAMELEON | Chameleon | The Chameleon botnet is a botnet that was discovered on February 28, 2013 by the security research firm, spider.io. It involved the infection of more than 120,… |
| CHAOS | Chaos | |
| CHAR0N | Char0n | |
| CHARMANT | Charmant | Ransomware |
| CHARTWIG-RANSOMWARE | Chartwig Ransomware | It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encryp… |
| CHEERS | Cheers | Cheers is a Linux-based ransomware variant observed starting in May 2022, engineered specifically to target VMware ESXi servers. The malware was developed from… |
| CHEERSCRYPT | Cheerscrypt | Ransomware |
| CHEKYSHKA | Chekyshka | Ransomware |
| CHERNOLOCKER | ChernoLocker | Ransomware |
| CHESHIRE-CAT | Cheshire Cat | Oldest Cheshire Cat malware compiled in 2002. It's a very old family of malware. The time stamps may be forged but the malware does have support for very old o… |
| CHILELOCKER | chilelocker | ChileLocker first emerged in August 2022 and is considered part of the broader ARCrypter ransomware family. It employs a double-extortion model, encrypting Win… |
| CHIMERA | Chimera | Ransomware |
| CHINA-CHOPPER | China Chopper | China Chopper is a publicly available, well-documented web shell, in widespread use since 2012. |
| CHINAYUNLONG | ChinaYunLong | Ransomware |
| CHIP-RANSOMWARE | Chip Ransomware | It’s directed to English speaking users, therefore is able to infect worldwide. It is spread using email spam, fake updates, attachments and so on. It encryp… |
| CHISEL | Chisel | Chisel is a fast TCP/UDP tunnel, transported over HTTP, secured via SSH. Single executable including both client and server. Written in Go (golang). Chisel is … |
| CHOPSTICK | CHOPSTICK | backdoor used by apt28 |
| CHORT | chort | Chort is a relatively new data-extortion ransomware group that surfaced in late 2024, with confirmed activity beginning in October–November 2024. It operates u… |
| CHRISTMAS | Christmas | Ransomware |