I am trying to analyse some malware samples but I am trying to understand the differen between malware signatures and malware artifacts. As far as I understand (and from what I've understood from this other post: What is the difference between artifact and evidence) both terms can be defined as follows:
Signatures: Specific actions/changes/files which are specific to particular malware and, thus, are known to be malicious.
Artifacts: Actions/changes/files which have created by a program and which must be analysed to know if they are malicious or not.
Could you please tell me if it's correct or not and elaborate on my definitions? I would really appreciate it.
