Malware Flashcards
malware
software that is designed to infiltrate and damage a system without the user's consent or knowledge
virus
malicious code that runs on a machine without the user's knowledge and infects the computer when it is executed; requires user action to reproduce and spread
boot sector virus
viruses that are stored in the first section of a hard drive and are loaded into memory upon boot
macrovirus
virus embedded into a document and executed when the document is opened by the user; macros by default are not malicious and perform a lot of useful functions
program virus
seeks out executables or application files to infect; every time you open that program, you'd be loading the virus again and again
multipartite virus
combines boot and program viruses to first attach itself to the boot sector and system files before attacking other files on the computer; this allows it to have persistence
encryption virus
virus that uses a cipher to encrypt its own contents to avoid detection by antivirus software
polymorphic
advanced version of an encrypted virus that changes its code each time it is executed by altering the decryption module in order to evade detection
metamorphic
viruses that can rewrite themselves entirely before attempting to infect a file
stealth virus
category of viruses that protect themselves; metamorphic, polymorphic, and encrypted viruses fall under this category
armored virus
has a layer of protection to confuse a person or program trying to analyze it
hoax
tries to trick the user into infecting their own machine
worms
malicious software that can replicate itself without user interaction; can spread and replicate fast
trojans
malicious software that is disguised as a piece of desirable software
remote access trojans (RAT)
provide the attacker with remote control of a victim's computer
ransomware
malware that restricts access to a victim's computer until a ransom is received
spyware
malware that secretly gathers information about the user without their consent; normally installed from a website or third-party software; looks through your info and builds a profile
keylogger
captures keystrokes you make
adware
displays advertisements based upon its spying on you
grayware
isn't benign or malicious; tends to behave improperly without serious consequences, like crazy mouse
rootkits
designed to gain admin-level (root) control over a system without detection; really hard to detect because they are installed down into ring 0 (kernel mode), which allows them to hide from other functions of the operating system
DLL injection
malicious code inserted into a running process on a Windows machine by taking advantage of Dynamic Link Libraries that are loaded at run time
driver manipulation
relies on compromising kernel-mode device drivers that operate at a privileged or system level
shim
piece of software that is placed between two components to intercept calls and redirect them
botnet and zombies
collection of compromised computers under the control of a master node; controls many computers; used to conduct DDoS
most effective means for malware removal?
OS reinstallation