What are Malware Artifacts?

Malware artifacts are items left over from a malware infection. Automated remediation tools such as antivirus software will remove the malicious file but leave behind the mechanism used to start it.**

Common artifacts Huntress identifies include:

  • LNK (shortcut) files: the LNK file points to a non-existent file
  • Registry values
  • Service entries: the service is still registered with the Service Control Manager, but the service executable is not present
  • Directories: a registry value or LNK file may have pointed to a file that is no longer present, but the directory remains
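
As an added example (not Huntress code and not part of the original article), the PowerShell below is a read-only check for the artifacts listed above: services, registry values and startup LNK files whose target file no longer exists, plus whether the target's directory remains. The function names, the choice of the Run keys and Startup folders as places to look, and the extension list are assumptions made for illustration.

```powershell
# Added example, not Huntress code. Read-only: lists autostart entries whose target is gone.
function Get-TargetPath([string]$CommandLine) {
    # Pull the executable path out of a quoted or unquoted command line.
    $s = [Environment]::ExpandEnvironmentVariables($CommandLine).Trim()
    if ($s -match '^"([^"]+)"') { return $Matches[1] }
    if ($s -match '^(.+?\.(exe|dll|bat|cmd|vbs|js|ps1|scr|com))(\s|$)') { return $Matches[1] }
    return $s
}

function Test-Orphaned([string]$Path) {
    # Judge only drive-letter absolute paths; bare names like "rundll32.exe" resolve via PATH.
    return ($Path -match '^[A-Za-z]:\\') -and -not (Test-Path -LiteralPath $Path)
}

function New-Finding($Type, $Name, $Target) {
    # DirectoryRemains shows whether the leftover directory is still on disk.
    [pscustomobject]@{
        Type = $Type; Name = $Name; MissingTarget = $Target
        DirectoryRemains = Test-Path -LiteralPath (Split-Path -Path $Target -Parent)
    }
}

function Find-OrphanedAutostart {
    # 1. Services registered with the Service Control Manager whose executable is absent.
    foreach ($svc in Get-CimInstance -ClassName Win32_Service) {
        $p = Get-TargetPath $svc.PathName
        if (Test-Orphaned $p) { New-Finding 'Service' $svc.Name $p }
    }
    # 2. Registry values: the Run keys are an assumed starting point, not a complete list.
    foreach ($key in 'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
                     'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run') {
        $k = Get-Item -LiteralPath $key -ErrorAction SilentlyContinue
        if (-not $k) { continue }
        foreach ($name in $k.GetValueNames()) {
            $p = Get-TargetPath ([string]$k.GetValue($name))
            if (Test-Orphaned $p) { New-Finding 'RunValue' "$key\$name" $p }
        }
    }
    # 3. LNK files in the per-user and all-users Startup folders.
    $shell = New-Object -ComObject WScript.Shell
    foreach ($folder in 'Startup', 'CommonStartup') {
        $dir = [Environment]::GetFolderPath($folder)
        if (-not $dir) { continue }
        foreach ($lnk in Get-ChildItem -LiteralPath $dir -Filter *.lnk -ErrorAction SilentlyContinue) {
            $p = $shell.CreateShortcut($lnk.FullName).TargetPath
            if (Test-Orphaned $p) { New-Finding 'LNK' $lnk.FullName $p }
        }
    }
}
Find-OrphanedAutostart | Format-Table -AutoSize
```

A hit is a lead for review, not proof of infection: cleanly uninstalled software can leave the same kind of orphaned entry.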

**Some malware will delete itself after running and potentially leave artifacts as well.

