CAPEC-542: Targeted Malware
An adversary develops targeted malware that takes advantage of a known vulnerability in an organizational information technology environment. The malware crafted for these attacks is based specifically on information gathered about the technology environment. Successfully executing the malware enables an adversary to achieve a wide variety of negative technical impacts.
Overview
CAPEC-542 (Targeted Malware) is a standard-level attack pattern catalogued by MITRE in the Common Attack Pattern Enumeration and Classification (CAPEC). It describes a recurring method attackers use to exploit software weaknesses.
How to detect it
Indicators that this attack may be underway.
- Software being run on a system matches a file signature found in a malware database
- A suspicious module is loaded that is not regularly loaded by a system
- Software on a system is making calls to "GetProcAddress()", a function commonly used to implement dynamic API resolution
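The three indicators above can be combined into one triage pass over module-load telemetry. The following is an added example, not part of the CAPEC entry: the event field names, the score weights, the threshold and all sample events and hashes are constructed assumptions. It treats a signature match as decisive, a module absent from the process baseline as a medium signal, and a "GetProcAddress()" call as a weak signal that only matters alongside another indicator.

```python
from collections import Counter

# Assumed weights: a signature match alerts alone, GetProcAddress never does.
WEIGHTS = {"signature-match": 10, "rare-module": 3, "dynamic-api-resolution": 1}

def score_event(ev, seen, known_bad, min_seen=2):
    """Return the names of the indicators that a single load event triggers."""
    reasons = []
    if ev["sha256"] in known_bad:
        reasons.append("signature-match")
    if seen[(ev["process"].lower(), ev["module"].lower())] < min_seen:
        reasons.append("rare-module")          # not regularly loaded by this process
    if "GetProcAddress" in ev.get("apis", ()):
        reasons.append("dynamic-api-resolution")
    return reasons

def triage(baseline, observed, known_bad, threshold=3):
    """Score observed events against a baseline of normal (process, module) loads."""
    seen = Counter((e["process"].lower(), e["module"].lower()) for e in baseline)
    findings = []
    for ev in observed:
        reasons = score_event(ev, seen, known_bad)
        score = sum(WEIGHTS[r] for r in reasons)
        if score >= threshold:
            findings.append({"host": ev["host"], "module": ev["module"],
                             "score": score, "reasons": reasons})
    return sorted(findings, key=lambda f: -f["score"])

# Constructed sample data; the hashes are placeholders, not real indicators.
KNOWN_BAD = {"bb" * 32}
BASELINE = [{"process": "winword.exe", "module": m}
            for m in ("kernel32.dll", "mso.dll")] * 3
OBSERVED = [
    # Baseline module that resolves APIs dynamically: weak signal only, no alert.
    {"host": "ws01", "process": "winword.exe", "module": "kernel32.dll",
     "sha256": "aa" * 32, "apis": ["GetProcAddress"]},
    # Module never seen in this process, plus dynamic resolution: alert.
    {"host": "ws02", "process": "winword.exe", "module": "helper32.dll",
     "sha256": "cc" * 32, "apis": ["GetProcAddress"]},
    # Familiar module name but the file hash is in the malware database: alert.
    {"host": "ws03", "process": "winword.exe", "module": "mso.dll",
     "sha256": "bb" * 32, "apis": []},
]

if __name__ == "__main__":
    for finding in triage(BASELINE, OBSERVED, KNOWN_BAD):
        print(finding)
```

The baseline is keyed per process rather than per host, so a module that is normal in one application still stands out when another application loads it.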