Malware Flashcards
What are the common types of malware?
Boot sector
Macro
Program
Multipartite
Encrypted
Polymorphic
Metamorphic
Stealth
Armored
Hoax
Describe Boot Sector viruses
Stored in the first sector of a hard drive and loaded into memory upon boot up
Difficult to detect since it is running before the OS
Describe Macro viruses
Virus embedded in a document that is executed when the document is opened by the user
Describe program viruses
Infect an executable or application
Targets programs, installs itself, then is activated each time the program runs
Describe multipartite viruses
Virus that combines boot sector and program viruses
First attaches itself to the boot sector and system files before affecting other files on the computer
You can clear out the programs that are infected, but as soon as the PC is rebooted, the boot sector runs and infects the PC again.
Explain encrypted viruses
Virus that uses a cipher to encrypt itself to avoid detection by AV
Describe Polymorphic viruses
Advanced version of an encrypted virus
Changes itself every time it is executed by altering the decryption module, which assists in avoiding detection
Prevents AV detection by changing its signature
Describe metamorphic viruses
Virus that is able to rewrite itself entirely before it attempts to infect a file
Advanced form of polymorphic
Describe a stealth virus
Category of virus that uses various techniques to avoid detection
Describe an armored virus
Virus that has a layer of protection to confuse a program or person analyzing it.
What is a hoax virus?
Not exactly a virus, but an attempt to trick a user into infecting their computer using a message or website
Describe a Worm
Malicious software like a virus, but is able to replicate itself without user intervention
Self-replicates and takes advantage of security holes in OSes and apps
Can cause network traffic congestion as it consumes resources while it spreads
Describe Trojans
Piece of malicious software that is disguised as harmless or desirable software
Performs desired functions and malicious functions
Remote access Trojan is the most common form
Describe spyware
Malware that secretly gathers information with user consent
Comes from a website or third-party software
Searches source files, emails, messages
May also include a keylogger
Describe adware
Adware is used just to collect info in order to send ads to a user