During a routine configuration audit, a systems administrator determines that a former employee placed an
executable on an application server. Once the system was isolated and diagnosed, it was determined that the
executable was programmed to establish a connection to a malicious command and control server. Which of
the following forms of malware is best described in the scenario?