MalwareTypeVocab-1.0STIX Vocabularies Schema

The MalwareTypeVocab is the default STIX vocabulary for expressing types of malware instances.

Note that this vocabulary is under development. Feedback is appreciated and should be sent to the STIX discussion list.

Vocabulary Items

Item Description
Automated Transfer Scripts
Bot - Credential Theft
Bot - DDoS
Bot - Loader
Bot - Spam
DoS / DDoS
DoS / DDoS - Participatory
DoS / DDoS - Script
DoS / DDoS - Stress Test Tools
Exploit Kits
POS / ATM Malware
Remote Access Trojan
Rogue Antivirus


Field Name Type Description
@vocab_nameoptional string

The vocab_name field specifies the name of the controlled vocabulary.

@vocab_referenceoptional anyURI

The vocab_reference field specifies the URI to the location of where the controlled vocabulary is defined, e.g., in an externally located XML schema file.