Malware is a type of TTP that represents malicious code. It refers to a program that is covertly inserted into a system. Malware applies for STIX 2.x.

The intent of a malware is to compromise the confidentiality, integrity, or availability of the victim's data, applications, or operating system (OS).

The Malware SDO characterizes, identifies, and categorizes malware instances and families from data that is derived from analysis. This SDO captures detailed information about how the malware works and what it does.