Malware Flashcards
What is Malware?
Malicious software designed to infiltrate computer systems and potentially damage them without user consent.
Types of Malware attacks
Viruses
Worms
Trojans
Ransomware
Zombies / Botnets
Rootkits
Backdoors / Logic Bombs
Keyloggers
Spyware and Bloatware
What is a virus?
Malicious code that runs on a machine without the user’s knowledge, which allows the code to infect the computer whenever it is run.
Types of viruses
Boot sector
Macro
Program
Multipartite
Encrypted
Polymorphic
Metamorphic
Stealth
Armored
Hoax
What is a Boot Sector virus?
One that is stored in the first sector of a hard drive and is then loaded into memory whenever the computer boots up.
What is a Macro Virus?
Form of code that allows a virus to be embedded inside another document so that when that document is opened by the user, the virus is executed.
What is a Program Virus?
Tries to find executables or application files to infect with its malicious code
What is a Multipartite Virus?
Combination of a boot sector type virus and a program virus.
What is an Encrypted Virus?
Designed to hide itself from detection by anti-virus software by encrypting its malicious code or payloads.
What is a Polymorphic Virus?
Advanced version of an encrypted virus. Instead of just encrypting its contents, it changes the virus's code each time it is executed by altering the decryption module in order to evade detection.
What is a Metamorphic Virus?
Able to rewrite itself entirely before it attempts to infect a given file.
What is a Stealth Virus?
Technique used to prevent the virus from being detected by the anti-virus software.
What is an Armored virus?
Has a layer of protection to confuse a program or a person who’s trying to analyze it.
What is a Hoax Virus?
Form of technical social engineering that attempts to scare our end users.
What is a Worm?
Piece of malicious software, much like a virus, but it can replicate itself without any user interaction.
Able to self-replicate and spread throughout your network without a user’s consent or their action
What is a trojan?
Piece of malicious software that is disguised as a piece of harmless or desirable software
What is a Remote Access Trojan (RAT)?
Provides attackers with remote control of a victim machine
What is Ransomware?
Malicious software that is designed to block access to a computer system or its data by encrypting it until a ransom is paid to the attacker
What are Zombies / Botnets?
Botnets - Network of compromised computers or devices controlled remotely by malicious actors
Zombies - Name of a compromised computer or device that is part of a botnet
What are Rootkits?
Designed to gain administrative level control over a given computer system without being detected
What is a DLL Injection?
Technique used to run arbitrary code within the address space of another process by forcing it to load a dynamic-link library
What is a Dynamic Link Library?
Collection of code and data that can be used by multiple programs simultaneously to allow for code reuse and modularization in software development
What is a Shim?
Piece of software code that is placed between two components and that intercepts the calls between those components and can be used to redirect them
What is an Easter egg?
A hidden feature or novelty within a program that is typically inserted by the software devs as an inside joke
What are Logic Bombs?
Malicious code that’s inserted into a program and will only execute when certain conditions have been met
What is a Keylogger?
Piece of software or hardware that records every single keystroke that is made on a computer or mobile device
What is Spyware / Bloatware?
Spyware - Malicious software that is designed to gather and send info about a user or organization without their knowledge
Bloatware - Any software that comes pre-installed on a new computer or smartphone that you did not specifically request, want, or need.
What is a Malware Exploitation Technique?
Specific method by which malware code penetrates and infects a targeted system
Fileless Malware
Used to create a process in the system memory without relying on the local file system of the infected host
What type of malware is installed when a user clicks on a malicious link or opens a malicious file?
Stage 1: Dropper or Downloader
What is a Dropper?
Specific malware type designed to initiate or run other malware forms within a payload on an infected host
What is a Downloader?
Malware designed to retrieve additional tools after the initial infection facilitated by a dropper
What is Shellcode?
Encompasses lightweight code meant to execute an exploit on a given target
Stage 2: Downloader
Downloads and installs RAT to conduct command and control on the victimized system