Malware
摘要
Attackers can create and use custom malware in their initial access attacks. If these are used as part of a phishing attack, these fall into the MITRE ATT&CK framework at T1566 Phishing; if the malware is sent as an attachment for the targeted user to execute, this could be considered T1566.001 Spearfishing Attachment. If the attacker can convince the user to download their malware from elsewhere like a public website, this could be classified as T1189 Drive-by Compromise.