where a piece of software presents itself as legitimate by pretending to be another vendor's software, when it actually is not and contains malicious code. This malware type is defined more by its propagation method than by its actual payload.
IoCs
- invalid or missing application digital signature
- command-and-control (C&C) traffic
- contact with known malicious IP addresses
- directory creation
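As an added example (not code from the original page), a small Python triage script that scores constructed endpoint events against the four IoCs listed above: it flags unsigned binaries, matches destinations against a blocklist, looks for the near-constant connection intervals typical of C&C beaconing, and records directory creation as supporting context. The event format, process names, addresses and blocklist are all assumptions.

```python
"""Score constructed endpoint events against the IoCs listed above."""
from collections import defaultdict
from statistics import pstdev

# Constructed sample telemetry: (timestamp_seconds, process, event_type, detail).
# Addresses come from RFC 5737 documentation ranges; nothing here is real.
EVENTS = [
    (0,   "updater.exe", "exec",    {"signed": False}),          # missing signature
    (10,  "updater.exe", "connect", {"dst": "203.0.113.7"}),
    (70,  "updater.exe", "connect", {"dst": "203.0.113.7"}),     # 60 s cadence
    (130, "updater.exe", "connect", {"dst": "203.0.113.7"}),
    (190, "updater.exe", "connect", {"dst": "203.0.113.7"}),
    (200, "updater.exe", "mkdir",   {"path": "C:\\Users\\Public\\cache"}),
    (5,   "browser.exe", "exec",    {"signed": True}),
    (12,  "browser.exe", "connect", {"dst": "198.51.100.20"}),
    (300, "browser.exe", "connect", {"dst": "198.51.100.20"}),
]
KNOWN_BAD_IPS = {"203.0.113.7"}  # constructed blocklist entry (assumption)


def beacon_candidates(events, min_conn=3, max_jitter=0.2):
    """Return {(process, dst)} whose connection intervals are near-constant."""
    times = defaultdict(list)
    for ts, proc, kind, detail in events:
        if kind == "connect":
            times[(proc, detail["dst"])].append(ts)
    hits = set()
    for key, ts_list in times.items():
        ts_list.sort()
        gaps = [b - a for a, b in zip(ts_list, ts_list[1:])]
        if len(gaps) + 1 < min_conn:      # too few connections to judge cadence
            continue
        mean = sum(gaps) / len(gaps)
        # Low relative spread of intervals is the beaconing signal.
        if mean > 0 and pstdev(gaps) / mean <= max_jitter:
            hits.add(key)
    return hits


def score_processes(events, bad_ips):
    """Map each process to the sorted list of IoC labels it triggered."""
    findings = defaultdict(set)
    beacons = beacon_candidates(events)
    for ts, proc, kind, detail in events:
        if kind == "exec" and not detail.get("signed", False):
            findings[proc].add("unsigned_binary")
        if kind == "connect" and detail["dst"] in bad_ips:
            findings[proc].add("known_bad_ip")
        if kind == "connect" and (proc, detail["dst"]) in beacons:
            findings[proc].add("beaconing")
        if kind == "mkdir":               # weak on its own; context for the others
            findings[proc].add("directory_creation")
    return {proc: sorted(labels) for proc, labels in findings.items()}
```

Only the unsigned process that beacons to the blocklisted address accumulates findings; the signed browser with two irregular connections is not reported at all.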