Recent ransomware attacks (e.g., Colonial and JBS) caused significant social and economic impact due to their ability to shut down entire businesses. A functional model divides nextgeneration malware (NG-malware) attacks into 3 stages: Penetration (to gain a foothold), Propagation (to gain full control of target system), and a variety of Exploitation methods. The functional model shows that many attack methods and tools can be flexibly combined to bypass implementation-specific defenses at each stage, with the most important defense battleground being the prevention of NG-malware gaining full control of target system. Given the potential for further evolution of MG-malware, e.g., obfuscation of lateral movement jobs to increase both the speed and stealth of Propagation, it is crucial for the defense to develop effective defenses to detect NG-malware Propagation before ceding full control. An experimental platform that enables detailed evaluation of new NG-malware attacks and defenses is an effective tool in the battle for full control.