Malware Flashcards

1
Q

What is Malware?

A

Malicious software designed to infiltrate computer systems and potentially damage them without user consent.

2
Q

Types of Malware attacks

A

Viruses
Worms
Trojans
Ransomware
Zombies / Botnets
Rootkits
Backdoors / Logic Bombs
Keyloggers
Spyware and Bloatware

3
Q

What is a virus?

A

Malicious code that runs on a machine without the user’s knowledge, which allows the code to infect the computer whenever it is run.

4
Q

Types of viruses

A

Boot sector
Macro
Program
Multipartite
Encrypted
Polymorphic
Metamorphic
Stealth
Armoured
Hoax

5
Q

What is a Boot Sector virus?

A

One that is stored in the first sector of a hard drive and is then loaded into memory whenever the computer boots up.

6
Q

What is a Macro Virus?

A

Form of code that allows a virus to be embedded inside another document so that when that document is opened by the user, the virus is executed.

7
Q

What is a Program Virus?

A

Tries to find executables or application files to infect with its malicious code.

8
Q

What is a Multipartite Virus?

A

Combination of a boot sector type virus and a program virus.

9
Q

What is an Encrypted Virus?

A

Designed to hide itself by encrypting its malicious code or payloads to avoid detection by anti-virus software.

10
Q

What is a Polymorphic Virus?

A

Advanced version of an encrypted virus, but instead of just encrypting its contents, it changes the virus's code each time it is executed by altering the decryption module in order to evade detection.

11
Q

What is a Metamorphic Virus?

A

Able to rewrite itself entirely before it attempts to infect a given file.

12
Q

What is a Stealth Virus?

A

Technique used to prevent the virus from being detected by the anti-virus software.

13
Q

What is an Armored virus?

A

Has a layer of protection to confuse a program or a person who’s trying to analyze it.

14
Q

What is a Hoax Virus?

A

Form of technical social engineering that attempts to scare our end users.

15
Q

What is a Worm?

A

Piece of malicious software, much like a virus, but it can replicate itself without any user interaction.

Able to self-replicate and spread throughout your network without a user’s consent or their action.

16
Q

What is a trojan?

A

Piece of malicious software that is disguised as a piece of harmless or desirable software

17
Q

What is a Remote Access Trojan (RAT)?

A

Provides attackers with remote control of a victim machine

18
Q

What is Ransomware?

A

Malicious software that is designed to block access to a computer system or its data by encrypting it until a ransom is paid to the attacker

19
Q

What are Zombies / Botnets?

A

Botnets - Network of compromised computers or devices controlled remotely by malicious actors

Zombies - Name of a compromised computer or device that is part of a botnet

20
Q

What are Rootkits?

A

Designed to gain administrative level control over a given computer system without being detected

21
Q

What is a DLL Injection?

A

Technique used to run arbitrary code within the address space of another process by forcing it to load a dynamic-link library

22
Q

What is a Dynamic Link Library?

A

Collection of code and data that can be used by multiple programs simultaneously to allow for code reuse and modularization in software development

23
Q

What is a Shim?

A

Piece of software code that is placed between two components and that intercepts the calls between those components and can be used to redirect them

24
Q

What is an Easter egg?

A

A hidden feature or novelty within a program that is typically inserted by the software devs as an inside joke

25
Q

What are Logic Bombs?

A

Malicious code that’s inserted into a program and will only execute when certain conditions have been met

26
Q

What is a Keylogger?

A

Piece of software or hardware that records every single keystroke that is made on a computer or mobile device

27
Q

What is Spyware / Bloatware?

A

Spyware - Malicious software that is designed to gather and send info about a user or organization without their knowledge

Bloatware - Any software that comes pre-installed on a new computer or smartphone that you did not specifically request, want, or need.

28
Q

What is a Malware Exploitation Technique?

A

Specific method by which malware code penetrates and infects a targeted system

29
Q

Fileless Malware

A

Used to create a process in the system memory without relying on the local file system of the infected host

30
Q

What type of malware is installed when a user clicks on a malicious link or opens a malicious file?

A

Stage 1: Dropper or Downloader

31
Q

What is a Dropper?

A

Specific malware type designed to initiate or run other malware forms within a payload on an infected host

32
Q

What is a Downloader?

A

Malware designed to retrieve additional tools after the initial infection facilitated by a dropper

33
Q

What is a Shellcode?

A

Encompasses lightweight code meant to execute an exploit on a given target

34
Q

Stage 2: Downloader

A

Downloads and installs RAT to conduct command and control on the victimized system