Malware Forensics Flashcards
Crypter
a software program that conceals the existence of malware. Attackers use it to evade antivirus detection: the crypter encrypts the malicious file so that scanners cannot recognize it.
Downloader
a type of Trojan that downloads other malware or malicious code from the Internet onto the PC.
Dropper
a component that can carry malware code antivirus scanners cannot identify, and that is capable of downloading the additional files needed to execute the malware on a target system.
Exploit
the code attackers use to breach a system's security through software vulnerabilities.
Injector
a program that injects the exploits or malicious code carried by the malware into other vulnerable running processes and alters their execution to hide the malware or prevent its removal.
Obfuscator
a program that conceals the malicious code of malware using various techniques.
Packer
software that compresses the malware file, converting its code and data into an unreadable format.
Payload
the part of the malware that performs the intended activity when activated.
Static Analysis
a basic analysis of the binary code, carried out without executing it, that builds an understanding of the malware and explains its functions.
Behavioral analysis or dynamic analysis
the study of malware behavior during installation, on execution, and while running.
Static Malware Analysis techniques
Techniques include:
File fingerprinting
Local and online malware scanning
Performing strings search
Identifying packing/obfuscation methods
Finding the portable executable (PE) information
Identifying file dependencies
Malware disassembly