Indicator of compromise (IoC)

What is Indicator of compromise (IoC)

A piece of malware that contains its distinctive features, information about itself, its creators, their goals. For example, an IoC could be a specific IP address or a particular domain name. However, the IoC does not necessarily need to be a single identifier; rather, it could be a combination of several indicators. In addition, the IoC may describe the malware in more detail than just the technical characteristics. For instance, the IoC might mention a method of distribution, a command-and-control (C&C) server, or the intended target audience.