What are Malware Artifacts?

Malware artifacts are items left over from malware infection. Automated remediation tools such as Anti-virus software will remove the malicious file, but leave the mechanism used to start the malicious file.** 

Common artifacts Huntress identifies include:

  • LNK (shortcut) files: the LNK file points to a non-existent file
  • Registry values (especially values within the user registry/NTUSER.dat file)
  • Service entries: the service is still registered with the Service Control Manager, but the service executable is not present
  • Directories: a registry value or LNK file may have pointed to a file that is no longer present, but the directory remains

**Some malware will delete itself after running and potentially leave artifacts as well.

Did this answer your question? Thanks for the feedback There was a problem submitting your feedback. Please try again later.

Need help? Click here to Contact Us Click here to Contact Us