Malware Domain

The Malware domain provides malware profile management for threat intelligence investigations. It enables analysts to create, track, and analyze malware samples including their capabilities, family attribution, file char

Module metadata

Source reference

content/modules/domain-malware.md

Last Updated

Feb 5, 2026

Category

API Domains

Content checksum

9de02ac4ffe86a39

Tags

api-domainsai

Rendered documentation

This page renders the module's Markdown and Mermaid directly from the public documentation source.

Overview

The Malware domain provides malware profile management for threat intelligence investigations. It enables analysts to create, track, and analyze malware samples including their capabilities, family attribution, file characteristics, and threat actor associations.

Key Features

  • Malware profile creation and management with detailed metadata
  • Family attribution for categorizing malware by lineage
  • Capability tracking for documenting malware behaviors
  • File hash management for sample identification
  • Reference linking to external intelligence sources
  • Investigation association for case context
  • Threat level and secrecy level classification

Use Cases

  • Cataloging malware samples discovered during cyber investigations
  • Tracking malware family relationships and capability evolution
  • Linking malware profiles to threat actors and investigations
  • Managing file hashes for malware sample identification and correlation

Integration

The Malware domain integrates with Investigation for case linking, Threat Intel for enrichment, and the intelligence service for AI-powered analysis.

Last Reviewed: 2026-02-05