ThreatFeed
Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay

Home > VMRay Glossary

Glossary

Advanced Threat Detection

Advanced Threat Detection (ATD) refers broadly to a variety of evolving security techniques employed by malware analysts to detect, identify, and respond to advanced and persistent malware threats.
Read More

Cryptolocker

Cryptolocker is a ransomware family that targeted windows systems and encrypted files on a victim’s system before demanding a ransom in exchange for restored access..
Read More

Detecting Sandbox Artifacts

The process of detecting sandbox artifacts is an evasion technique employed by certain malware families. This evasion technique involves an attempt by malware to determine the presence of a sandbox by searching for identifiable artifacts, such as common VM vendor names on files,
Read More

Digital Forensics

Digital Forensics (sometimes referred to as digital forensics science) refers to the field of modern forensics science that deals specifically with the recovery and investigation of digital materials related to acts of alleged or established cybercrimes.
Read More

Dynamic Analysis

Dynamic analysis refers to the process of analyzing a software program or system while it is running.
Read More

Email Threat Detection

Email Threat Detection is a set of detection practices that functions to protect email infrastructure from potentially harmful, targeted malware attacks. These practices should represent the last link in a comprehensive email security apparatus which should also include other, more rudimentary anti-spam and anti-virus scanning tools for best results.
Read More

Emotet

Emotet is a malware family that was first identified by cybersecurity specialists in 2014. In its earliest iterations, it functioned primarily as a banking trojan that attempted to steal financial credentials by intercepting a target system’s network traffic.
Read More

Emulation

An emulation is created when an emulator device (hardware) or program (software) allows for one system (the host) to mimic the functions of a separate system (the guest). An emulation environment is most frequently used to allow a host system to run software programs, peripherals, or other devices designed for
Read More

Formbook

Formbook is a family of data-stealing and form-grabbing malware often described as Malware-as-a-service (MaaS). Since early 2016, malware authors have offered Formbook variants via online hacking forums, frequently with surprisingly mundane subscription pricing models that closely mirror those of legitimate software tools.
Read More

Golden Image

A Golden Image is a pre-configured virtual machine (VM) template that can be applied to servers, disk drives, or desktops. It may also be referred to as a clone image or master image, and they are commonly used by system administrators to develop consistent system environments.
Read More

GuLoader

GuLoader is what is known as a Trojan and is used by cybercriminals to download and execute secondary malware payloads.
Read More

Hooking

Hooking is a computer programming term that refers to a collection of techniques employed to change how applications or operating systems behave. Hooking involves the interception of function calls, system events, or messages, and the code snippets that perform these interceptions are called hooks.
Read More

Intelligent Monitoring

Intelligent Monitoring is a dynamic malware analysis method that employs an agentless approach with its monitoring capabilities embedded completely in the hypervisor – i.e. outside of the virtual machine where the malware sample is detonated.
Read More

Interactive Analysis

Malware analysis is the process of determining the origin, purpose, and functionality of malware samples, and is generally divided into static and dynamic analysis varieties.
Read More

Keylogger

A keylogger (sometimes known as a keystroke logger) refers to either a hardware device or a software program that records or ‘logs” keystrokes registered on a keyboard. However, more advanced keyloggers can also record web page visits, take screenshots, and harvest other data.
Read More

MaaS

Malware-as-a-Service (MaaS) is a cybersecurity term referring to malware that is offered by Malware authors and leased to a criminal customer base, generally on a subscription model. It may best be understood in comparison to its legitimate equivalent, software-as-a-service (SaaS), such as commonly used business services like Dropbox, Slack, or
Read More

Malspam

Whereas spam emails are simple unsolicited emails, malspam (or malicious spam) are spam emails that contain malicious payloads, usually in the form of infected documents or malicious URLs that redirect unknowing users to websites hosting malware.
Read More

Malvertising

Malvertising (or malicious advertising) is a method used by cybercriminals to distribute malware through seemingly legitimate online advertisements.
Read More

Malware

Malware (a shorthand for malicious software) refers to any software designed to specifically harm or exploit a computer, network, server, or client.
Read More

Malware Analysis

Malware Analysis is a study or process of determining the origin, purpose, functionality, and potential impact of a malware specimen.
Read More

Malware Detection

Malware Detection refers to a collection of techniques used to detect potentially harmful malware samples. These techniques are best employed as part of a robust defense system that works to detect malware samples before they have a chance to infect a victim’s system.
Read More

Malware Sandbox

A Malware sandbox is a cybersecurity term referring to a specially prepared monitoring environment that mimics an end-user operating environment.
Read More

Masslogger

Masslogger is a highly obfuscated spyware/stealer malware family that the VMRay Labs Team has been tracking since 2020.. Masslogger typically arrives as a seemingly benign email attachment and follows an extremely complicated, multi-stage infection process that makes it particularly difficult to detect. Once a system is fully infected, MassLogger can

Read More

Pafish

Pafish (Paranoid Fish) is an open-source tool used to detect the presence of analysis environments, including debuggers, virtual machines, and sandboxes.
Read More

Qbot

Qbot (also known as Qakbot, Quakbot, and Pinkslipbot) is a banking Trojan and stealer malware that has been in circulation for over a decade
Read More

RaaS

Ransomware as Service (RaaS) describes a business model developed by malware authors that provides cybercriminal affiliates the ability to purchase access to ransomware tools and infrastructure to execute ransomware attacks.
Read More

Ragnarlocker

Ragnarlocker is a ransomware family first observed in the wild in December 2019. Part of what sets Ragnarlocker attacks apart from many other ransomware operations is the high level of reconnaissance and pre-planning customarily observed in a fully orchestrated attack.
Read More

Ransomware

Ransomware is malware that infects computers and displays messages threatening to either prevent a victim from accessing data, or in some cases, threatens to publish a victim’s data publicly.
Read More

Remote Access Trojan (RAT)

A Remote Access Trojan (RAT) is a type of malware that allows for remote, unauthorized surveillance, complete access, and administrative control of an infected system.
Read More

Rootkit

The term rootkit is a portmanteau of “root,” referring to the administrative account on Unix and Linux systems and a “kit” or collection of software tools that provide administrator-level access.
Read More

Sandbox Detection

The term Sandbox Detection refers to a variety of evasion techniques that malware uses to determine whether or not it is being identified and executed within a sandbox.
Read More

Time-of-Delivery Phishing Detection

ETD scans weblinks in emails immediately and not just when they are clicked.
Read More

Trickbot

Trickbot was discovered by researchers in 2016, and at that time, was a relatively straightforward banking Trojan. It mainly attempted to steal sensitive data, including usernames and passwords, bank account information, and sometimes cryptocurrency.
Read More

Trojan(s)

A Trojan is malware designed to disguise itself as a legitimate file or program. This type of malware gets its name from the mythic Greek legend of a wooden horse presented as a gift to the besieged city of Troy.
Read More

Ursnif

Ursnif (also known as Gozi) is a banking Trojan that generally collects system activity, records keystroke data, and keeps track of network and internet browser activity.
Read More

Wastedlocker Ransomware

WastedLocker is a ransomware orchestrated by the cybercriminal organization known as Evil Corp, previously associated with other malware families, including Dridex and BitPaymer.
Read More

Zero Day Threats

A Zero-Day threat (sometimes called a zero-hour threat) is malware that hasn’t been encountered before, and consequently doesn’t match the signatures of any known malware families.
Read More

Subscribe to our Newsletter:

Linkedin-in Youtube Facebook-f

Solutions

Products

Why VMRay

Resources

Missed the headlines?

We’re featured in:

image 15
image 16
image 17
image 18
© Copyright 2024 VMRay

ThreatFeed

Linkedin-in Youtube Facebook-f
VMRay Pricing
Try VMRay