2 Malware Flashcards
What is a boot sector virus
They are stored in the first sector of a hard drive and are loaded into memory upon boot up
What is a macro virus
They are embedded into a document and is executed when the document is opened by the user
What is a program virus
They infect an executable or application
What is a multipartite virus
A virus that combines boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer
What is an encrypted virus
A computer virus that encrypts its payload with the intention of making detecting the virus more difficult
What is a polymorphic virus
advanced version of encrypted virus that changed itself every time it is executed by altering the decryption module to avoid detection
What is a metamorphic virus
A virus that is able to rewrite itself entirely before it attempts to infect a file
What is an armored virus
A virus that has a layer of protection to confuse a program or person analyzing it
What is a hoax virus
A virus that is a threat that seems real but does not exist
What is the difference between a polymorphic virus and a metamorphic virus
a polymorphic virus changes itself very time it is executed and alters the decryption module. A metamorphic virus rewrites itself entirely before it attempts to infect a file
What is a DLL injection
Malicious code is inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at runtime
What is Driver Manipulation
An attack that relies on compromising the kernel-mode device drivers that operate at a privileged or system level
What is placed between two components to intercept called and redirect them
A shim
