Malware Exploitation Flashcards

1
Q

Exploit Technique

A

Describes the specific method by which malware code infects a target host.
Most modern malware uses fileless techniques to avoid detection by signature-based security software.
How does an APT use modern malware to operate? - Dropper or downloader; Maintain access; Strengthen access; Actions on objectives; Concealment

2
Q

Dropper

A

Malware designed to install or run other types of malware embedded in a payload on an infected host.

3
Q

Downloader

A

A piece of code that connects to the Internet to retrieve additional tools after the initial infection by a dropper.

4
Q

Shellcode

A

Any lightweight code designed to run an exploit on the target, which may include any type of code format from scripting languages to binary code.

5
Q

Code Injection

A

Exploit technique that runs malicious code with the identification number of a legitimate process: Masquerading; DLL Injection; DLL Sideloading; Process hollowing.
Droppers are likely to implement anti-forensics techniques to prevent detection and analysis.

6
Q

Living off the Land

A

Exploit techniques that use standard system tools and packages to perform intrusions.
Detection of an adversary is more difficult when they are executing malware code within standard tools and processes.
