Malware Cards

Malware Intel Cards (aka Malware Cards) provide an on-demand summary of essential information related to a specific Malware, and are updated in real time as Recorded Future collects new information. You can use Malware Cards as a starting point when assessing whether this Malware poses a specific risk to your organization, and further can be used in identify associated indicators of compromise. Malware Cards are also pivot points during investigations that start with another indicator, a vulnerability, or a threat actor.

Descriptions of several common components of the Malware Card are found in the Overview of Intel Cards; the details below are specific to the Malware Card:

Header

The Malware Card header include known synonyms for the Malware family.  Along with the usual reference counts and first/last seen dates, the header also includes Malware Category information:

Timelines

Malware Cards may show two timelines. The first timeline, colored in blue, summarizes all reported events involving this entity in the last 60 days. The second timeline summarizes reported Cyber Attack and Cyber Exploit events specifically. Each day in the cyber event timeline is color coded by the criticality of the Cyber Threat signal for this entity on that date.

Related Email Addresses

In addition to the standard related entity lists, Malware cards also offer a list of related Email Address entities. This can be valuable in identifying online personas related to the malware too.

Was this article helpful?
2 out of 2 found this helpful

The content of this article is confidential and intended solely for the use of individuals with authorized access to the Recorded Future service. Do not download or distribute this article.
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment. Please note that your name will be displayed.