In the world of malware analysis, there is sometimes confusion between the terms “artifacts” and “indicators of compromise (IOCs).” This is understandable because many malware analysis engines don’t distinguish between the two. First, let’s define the terms. When a malware sandbox dynamically analyzes a threat, it collects pieces of forensic