org.mitre.maec.default_vocabularies_1.MalwareLabelEnum10 Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of stix Show documentation
Show all versions of stix Show documentation
The Java bindings for STIX v.1.2.0.2
/**
* Copyright (c) 2015, The MITRE Corporation. All rights reserved.
* See LICENSE for complete terms.
*/
//
// This file was generated by the JavaTM Architecture for XML Binding(JAXB) Reference Implementation, v2.2.5-2
// See http://java.sun.com/xml/jaxb
// Any modifications to this file will be lost upon recompilation of the source schema.
// Generated on: 2015.06.23 at 10:59:44 AM EDT
//
package org.mitre.maec.default_vocabularies_1;
import javax.xml.bind.annotation.XmlEnum;
import javax.xml.bind.annotation.XmlEnumValue;
import javax.xml.bind.annotation.XmlType;
/**
* Java class for MalwareLabelEnum-1.0.
*
*
The following schema fragment specifies the expected content contained within this class.
*
*
* <simpleType name="MalwareLabelEnum-1.0">
* <restriction base="{http://www.w3.org/2001/XMLSchema}string">
* <enumeration value="adware"/>
* <enumeration value="appender"/>
* <enumeration value="backdoor"/>
* <enumeration value="boot sector virus"/>
* <enumeration value="bot"/>
* <enumeration value="clicker"/>
* <enumeration value="companion virus"/>
* <enumeration value="cavity filler"/>
* <enumeration value="data diddler"/>
* <enumeration value="downloader"/>
* <enumeration value="dropper file"/>
* <enumeration value="file infector virus"/>
* <enumeration value="fork bomb"/>
* <enumeration value="greyware"/>
* <enumeration value="implant"/>
* <enumeration value="infector"/>
* <enumeration value="keylogger"/>
* <enumeration value="kleptographic worm"/>
* <enumeration value="macro virus"/>
* <enumeration value="malcode"/>
* <enumeration value="mass-mailer"/>
* <enumeration value="metamorphic virus"/>
* <enumeration value="mid-infector"/>
* <enumeration value="mobile code"/>
* <enumeration value="multipartite virus"/>
* <enumeration value="password stealer"/>
* <enumeration value="polymorphic virus"/>
* <enumeration value="premium dialer/smser"/>
* <enumeration value="prepender"/>
* <enumeration value="ransomware"/>
* <enumeration value="rat"/>
* <enumeration value="rogue anti-malware"/>
* <enumeration value="rootkit"/>
* <enumeration value="shellcode"/>
* <enumeration value="spaghetti packer"/>
* <enumeration value="spyware"/>
* <enumeration value="trojan horse"/>
* <enumeration value="variant"/>
* <enumeration value="virus"/>
* <enumeration value="wabbit"/>
* <enumeration value="web bug"/>
* <enumeration value="wiper"/>
* <enumeration value="worm"/>
* <enumeration value="zip bomb"/>
* </restriction>
* </simpleType>
*
*
*/
@XmlType(name = "MalwareLabelEnum-1.0")
@XmlEnum
public enum MalwareLabelEnum10 {
/**
* The 'adware' value specifies any software that is funded by advertising. Some adware may install itself in such a manner as to become difficult to remove, hiding components and disabling removal techniques. Adware may also gather sensitive user information from a system.
*
*/
@XmlEnumValue("adware")
ADWARE("adware"),
/**
* The 'appender' value specifies a file-infecting virus that places its code at the end of the files it infects, adjusting the file's entry point to cause its code to be executed before that of the original file.
*
*/
@XmlEnumValue("appender")
APPENDER("appender"),
/**
* The 'backdoor' value specifies a piece of software which, once running on a system, opens a communication vector to the outside so that the computer can be accessed remotely by an attacker.
*
*/
@XmlEnumValue("backdoor")
BACKDOOR("backdoor"),
/**
* The 'boot sector virus' value specifies a virus that infects the master boot record of a storage device.
*
*/
@XmlEnumValue("boot sector virus")
BOOT_SECTOR_VIRUS("boot sector virus"),
/**
* The 'bot' value specifies a program which resides on an infected system, communicating with and forming part of a botnet. The bot may be implanted by a worm or trojan, which opens a backdoor. The bot then monitors the backdoor for further instructions.
*
*/
@XmlEnumValue("bot")
BOT("bot"),
/**
* The 'clicker' value specifies a trojan that makes a system visit a specific web page, often very frequently and usually with the aim of increasing the traffic recorded by the site and thus increasing revenue from advertising. Clickers may also be used to carry out DDoS attacks.
*
*/
@XmlEnumValue("clicker")
CLICKER("clicker"),
/**
* The 'companion virus' value specifies a virus that takes the place of a particular file on a system instead of injecting code into it.
*
*/
@XmlEnumValue("companion virus")
COMPANION_VIRUS("companion virus"),
/**
* The 'cavity filler' value specifies a type of file-infecting virus which seeks out unused space within the files it infects, inserting its code into these gaps to avoid changing the size of the file and thus not alerting integrity-checking software to its presence.
*
*/
@XmlEnumValue("cavity filler")
CAVITY_FILLER("cavity filler"),
/**
* The 'data diddler' value specifies a type of malware that makes small, random changes to data, such as data in a spreadsheet, to render the data contained in a document inaccurate and in some cases worthless.
*
*/
@XmlEnumValue("data diddler")
DATA_DIDDLER("data diddler"),
/**
* The 'downloader' value specifies a small trojan file programmed to download and execute other files, usually more complex malware.
*
*/
@XmlEnumValue("downloader")
DOWNLOADER("downloader"),
/**
* The 'dropper file' value specifies a type of Trojan that deposits an enclosed payload onto a destination host computer by loading itself into memory, extracting the malicious payload, and then writing it to the file system.
*
*/
@XmlEnumValue("dropper file")
DROPPER_FILE("dropper file"),
/**
* The 'file infector virus' value specifies a virus that infects a system by inserting itself somewhere in existing files; this is the "classic" form of virus.
*
*/
@XmlEnumValue("file infector virus")
FILE_INFECTOR_VIRUS("file infector virus"),
/**
* The 'fork bomb' value specifies a very simple form of malware, a type of rabbit which simply launches more copies of itself. Once a fork bomb is executed, it will attempt to run several identical processes, which will do the same, the number growing exponentially until the system resources are overwhelmed by the number of identical processes running, which may in some cases bring the system down and cause a denial of service.
*
*/
@XmlEnumValue("fork bomb")
FORK_BOMB("fork bomb"),
/**
* The 'greyware' value specifies software that, while not definitely malicious, has a suspicious or potentially unwanted aspect.
*
*/
@XmlEnumValue("greyware")
GREYWARE("greyware"),
/**
* The 'implant' value specifies code inserted into an existing program using a code patcher or other tool.
*
*/
@XmlEnumValue("implant")
IMPLANT("implant"),
/**
* The 'infector' value specifies a function of malware that alters target files for the purpose of persisting and hiding the injected malware.
*
*/
@XmlEnumValue("infector")
INFECTOR("infector"),
/**
* The 'keylogger' value specifies a type of program implanted on a system to monitor the keys pressed and thus record any sensitive data, such as passwords, entered by the user.
*
*/
@XmlEnumValue("keylogger")
KEYLOGGER("keylogger"),
/**
* The 'kleptographic worm' value specifies a worm that encrypts information assets on compromised systems so they can only be decrypted by the worm's author, also known as information-stealing worm.
*
*/
@XmlEnumValue("kleptographic worm")
KLEPTOGRAPHIC_WORM("kleptographic worm"),
/**
* The 'macro virus' value specifies a virus that uses a macro language, for example in Microsoft Office documents.
*
*/
@XmlEnumValue("macro virus")
MACRO_VIRUS("macro virus"),
/**
* The 'malcode' value is short for malicious code, also known as malware.
*
*/
@XmlEnumValue("malcode")
MALCODE("malcode"),
/**
* The 'mass-mailer' value specifies a worm that uses email to propagate across the internet.
*
*/
@XmlEnumValue("mass-mailer")
MASS_MAILER("mass-mailer"),
/**
* The 'metamorphic virus' value specifies a virus that changes its own code with each infection.
*
*/
@XmlEnumValue("metamorphic virus")
METAMORPHIC_VIRUS("metamorphic virus"),
/**
* The 'mid-infector' value specifies a type of file-infecting virus which places its code in the middle of files it infects. It may move a section of the original code to the end of the file, or simply push the code aside to make space for its own code.
*
*/
@XmlEnumValue("mid-infector")
MID_INFECTOR("mid-infector"),
/**
* The 'mobile code' value specifies 1. Code received from remote, possibly untrusted systems, but executed on a local system. 2. Software transferred between systems (e.g across a network) and executed on a local system without explicit installation or execution by the recipient.
*
*/
@XmlEnumValue("mobile code")
MOBILE_CODE("mobile code"),
/**
* The 'multipartite virus' value specifies malware that infects boot records, boot sectors, and files.
*
*/
@XmlEnumValue("multipartite virus")
MULTIPARTITE_VIRUS("multipartite virus"),
/**
* The 'password stealer' value specifies a type of trojan designed to steal passwords, personal data and details, or other sensitive information from the infected system.
*
*/
@XmlEnumValue("password stealer")
PASSWORD_STEALER("password stealer"),
/**
* The 'polymorphic virus' value specifies a type of virus that encrypts its code differently with each infection, or generation of infections.
*
*/
@XmlEnumValue("polymorphic virus")
POLYMORPHIC_VIRUS("polymorphic virus"),
/**
* The 'premium dialer/smser' value specifies a piece of malware whose primary aim is to dial or send SMS messages to premium rate numbers..
*
*/
@XmlEnumValue("premium dialer/smser")
PREMIUM_DIALER_SMSER("premium dialer/smser"),
/**
* The 'prepender' value specifies a file-infecting virus which inserts code at the beginning of the files it infects.
*
*/
@XmlEnumValue("prepender")
PREPENDER("prepender"),
/**
* The 'ransomware' value specifies a type of malware that encrypts files on a victim's system, demanding payment of ransom in return for the access codes required to unlock files.
*
*/
@XmlEnumValue("ransomware")
RANSOMWARE("ransomware"),
/**
* The 'rat' value specifies a remote access trojan or RAT, which is a trojan horse capable of controlling a machine through commands issue by a remote attacker.
*
*/
@XmlEnumValue("rat")
RAT("rat"),
/**
* The 'rogue anti-malware' value specifies a fake security product that demands money to clean phony infections.
*
*/
@XmlEnumValue("rogue anti-malware")
ROGUE_ANTI_MALWARE("rogue anti-malware"),
/**
* The 'rootkit' value generally refers to a method of hiding files or processes from normal methods of monitoring, and is often used by malware to conceal its presence and activities. Originally, the term applied to UNIX-based operating systems - a root kit was a collection of tools to enable a user to obtain root (administrator-level) access to a system and conceal any changes they might make. Such tools often included trojanized versions of standard monitoring software which would hide the root kit operators' activities. More recently the term has generally been applied to malware using stealth techniques. Rootkits can operate at a number of levels, from the application level - simply replacing or adjusting the settings of system software to prevent the display of certain information - through hooking certain functions or inserting modules or drivers into the operating system kernel, to the deeper level of firmware or virtualization rook kits, which are activated before the operating system and thus even harder to detect while the system is running.
*
*/
@XmlEnumValue("rootkit")
ROOTKIT("rootkit"),
/**
* The 'shellcode' value specifies 1. A small piece of code that activates a command-line interface to a system that can be used to disable security measures, open a backdoor, or download further malicious code. 2. A small piece of code that opens a system up for exploitation, sometimes by not necessarily involving a command-line shell.
*
*/
@XmlEnumValue("shellcode")
SHELLCODE("shellcode"),
/**
* A packer that obfuscates programs by emitting "spaghetti" code with a complex and tangled control structure.
*
*/
@XmlEnumValue("spaghetti packer")
SPAGHETTI_PACKER("spaghetti packer"),
/**
* The 'spyware' value specifies software that gathers information and passes it to a third-party without adequate permission from the owner of the data. It may also be used in a wider sense, to include software that makes changes to a system or any of its component software, or which makes use of system resources without the full understanding and consent of the system owner.
*
*/
@XmlEnumValue("spyware")
SPYWARE("spyware"),
/**
* The 'trojan horse' value specifies a piece of malicious code disguised as something inert or benign.
*
*/
@XmlEnumValue("trojan horse")
TROJAN_HORSE("trojan horse"),
/**
* The 'variant' value refers to the fact that types of malware can be subdivided into a number of families, or groups sharing many similarities, generally based on the same blocks of code and sharing similar behaviours. Within a family, a variant signifies a single individual item that is uniquely different from other members of the same family.
*
*/
@XmlEnumValue("variant")
VARIANT("variant"),
/**
* The 'virus' value specifies 1. A self-replicating malicious program that requires human interaction to replicate. 2. A self-replicating program that runs and spreads by modifying other programs or files.
*
*/
@XmlEnumValue("virus")
VIRUS("virus"),
/**
* The 'wabbit' value specifies a form of self-replicating malware that makes copies of itself on the local system. Unlike worms, rabbits do not attempt to spread across networks.
*
*/
@XmlEnumValue("wabbit")
WABBIT("wabbit"),
/**
* The 'web bug' value specifies a piece of code, generally a small file such as a tiny, transparent GIF image, which is used to track data on those viewing the page or mail in which it is hidden.
*
*/
@XmlEnumValue("web bug")
WEB_BUG("web bug"),
/**
* The 'wiper' value specifies a piece of malware whose primary aim is to delete files or entire disks on a machine.
*
*/
@XmlEnumValue("wiper")
WIPER("wiper"),
/**
* The 'worm' value specifies 1. A self-replicating malicious program that replicates using a network and does not require human interaction. 2. A self-replicating, self-propagating, self-contained program that uses networking mechanisms to spread itself.
*
*/
@XmlEnumValue("worm")
WORM("worm"),
/**
* The 'zip bomb' value specifies a file compressed into some archive format and that expands to an enormous size when uncompressed, often by looping over the extraction code until the system's resources are exhausted.
*
*/
@XmlEnumValue("zip bomb")
ZIP_BOMB("zip bomb");
private final String value;
MalwareLabelEnum10(String v) {
value = v;
}
public String value() {
return value;
}
public static MalwareLabelEnum10 fromValue(String v) {
for (MalwareLabelEnum10 c : MalwareLabelEnum10.values()) {
if (c.value.equals(v)) {
return c;
}
}
throw new IllegalArgumentException(v);
}
}