malpedia / feedback

Public Issue tracker to gather feedback for and allow discussions around Malpedia

Distinguish between custom malware and open source malware/tool #37

Open r0ny123 opened 1 year ago

r0ny123 commented 1 year ago

Currently, Malpedia doesn't tell whether a tool/malware that has been (ab)used by threat actors is open source.

So, we need to:

danielplohmann commented 9 months ago

As a first step, this could be achieved by having a flat text file of assumed "commodity" family names to filter against, which would then be used to separate the library entries for a threat actor where only these and no other actor-related malware families are used/assigned.

These library entries should then be shown below all other library entries, under a separate heading "Inferred / Commodity References".

From a quick glance, this could be a draft for a list of "most offensive" malware families:

win.8t_dropper
win.chinachopper
win.cobalt_strike
win.darkcomet
win.ghost_rat
win.koadic
win.mimikatz
win.nanocore
win.nj_rat
win.plugx
win.poison_ivy
win.pupy
win.quasar_rat
win.remcos
win.shadowpad

(this is also a duplicate of #12)
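One way to realize the filtering step sketched in the comment above, as an added example that is not Malpedia's own code: the flat text file of commodity family names is parsed into a set, and a threat actor's library entries are split into primary references and "Inferred / Commodity References" when every family assigned to an entry is a commodity family. The entry structure (a reference URL plus its assigned family names), the function names, and the sample entries are assumptions; the commodity file below is a constructed subset of the draft list.

```python
# Constructed flat text file of assumed commodity family names (a subset of
# the draft list above); one name per line, blank lines and '#' comments ignored.
COMMODITY_FILE = """\
# draft "most offensive" commodity families
win.cobalt_strike
win.mimikatz
win.plugx
win.quasar_rat
"""


def load_commodity_families(text: str) -> frozenset:
    """Parse the flat text file into a set of Malpedia family identifiers."""
    names = set()
    for line in text.splitlines():
        line = line.split("#", 1)[0].strip()  # drop comments and whitespace
        if line:
            names.add(line)
    return frozenset(names)


def partition_references(entries, commodity):
    """Split library entries into (primary, inferred).

    An entry is 'inferred' when every family it is assigned to is a commodity
    family, i.e. it links to the actor only through shared tooling. Entries with
    no family assignment at all stay primary rather than being hidden.
    """
    primary, inferred = [], []
    for entry in entries:
        families = set(entry["families"])
        if families and families <= commodity:
            inferred.append(entry)
        else:
            primary.append(entry)
    return primary, inferred


# Constructed sample library entries for one hypothetical actor profile.
SAMPLE_ENTRIES = [
    {"url": "https://example.invalid/report-a", "families": ["win.plugx", "win.hypothetical_actor_rat"]},
    {"url": "https://example.invalid/report-b", "families": ["win.cobalt_strike"]},
    {"url": "https://example.invalid/report-c", "families": ["win.mimikatz", "win.plugx"]},
    {"url": "https://example.invalid/report-d", "families": []},
]


def demo():
    """Return (primary, inferred) for the sample entries and commodity file."""
    return partition_references(SAMPLE_ENTRIES, load_commodity_families(COMMODITY_FILE))
```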