The most vulnerable nodes of any information system are those that depend on the human factor. Such nodes, for example, include user electronic computers (PCs), which are susceptible to attacks using malicious software (malware). Modern malware detection tools can effectively identify known instances, but their effectiveness for zero-day threats is at a suboptimal level. One of the potential ways to identify malware is a method based on behavioral analysis and analysis of their activity on a personal computer, but its creation requires systematization of known information about the activity of various types of malwares. This scientific work systematizes malicious software to determine the types of activity they exhibit to use the resulting system to create a method for identifying malware based on behavioral analysis