Virus Types Flashcards
This malware locks you out of your own system resources and demands an online payment of some sort in order to release them back to you.
Ransomeware
Also known as a system virus, this virus type actually moves the boot sector to another location on the hard drive, forcing the virus code to be executed first.
Boot sector virus
This virus type wraps itself around an application’s code, inserting its own code before the application’s. Every time the application is run, the virus code is run first.
Shell Virus
This virus type modifies directory table entries so that user or system processes are pointed to the virus code itself instead of the application
or action intended. A single copy of the virus “infects” everything by launching when any application is initiated.
Cluster virus
Attempts to infect both files and the boot sector at the same time. This generally refers to a virus with multiple infection vectors.
Multipartite virus
Probably one of the most common malware types you’ll see in today’s world, this is usually written with Visual Basic for Applications (VBA). This virus type infects template files created by Microsoft Office, normally Word and Excel. The Melissa virus was a prime example of this.
Macro virus
This virus mutates its code using a built-in engine. This type of virus is difficult co find and remove because its signature constantly changes. No part of the virus stays the same &om infection to infection.
Polymorphic code virus
Shockingly, this type of virus uses encryption to hide the code from antivirus scanners.
Encryption virus
This virus type rewrites itself every time it infects a new file
Metamorphic virus
Also known as a “tunneling virus,” this one attempts to evade antivirus (AV) applications by intercepting the A V’s requests co the operating system (OS) and returning them to itself instead of the OS. The virus then alters the requests and sends them back to AV as uninfected, making the virus now appear “clean.”
Stealth virus
Virus overwrites portions of host files so as not co increase the actual size of the file. This is done using the null content sections of the file and leaves the file’s actual functionality intact.
Cavity Virus
These only infect occasionally. For example, maybe the virus only fires every tenth time a specific application is run.
Sparse infector virus
These viruses change the file extensions of files co take advantage of most people having file extension view turned off. For example, readme.txt.vbs might appear as readme.txt with extensions turned off.
File extension virus
