aljaz/securedorg.github.io
1
0
Fork 0
mirror of https://github.com/aljazceru/securedorg.github.io.git synced 2026-01-05 07:14:23 +01:00
Code Issues Packages Projects Releases Wiki Activity

moving files around

Browse Source
This commit is contained in:
Amanda Rousseau
2017-11-17 14:29:57 -08:00
parent 7ac587f44d
commit deebbe8cec
91 changed files with 68022 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

37
RE101/malware.md Normal file
View File

@@ -0,0 +1,37 @@
---
layout: default
permalink: /RE101/section2/
title: Malware Techniques
---
[Go Back to Reverse Engineering Malware 101](https://securedorg.github.io/RE101/)
# Section 2: Malware Overview #
## Typical Attack Flow ##
| Perimeter Recon | Infiltrate | Internal Recon | Entrench | Exfiltrate | Purge |
| ------------ |:------------:|:------------:|:------------:|:------------:|:------------:|
| ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) |
## Malware Classes
| Class | Description |
| --- | --- |
| **Virus** | Code that propagates (replicates) across systems with user intervention |
| **Worm** | Code that self-propagates/replicates across systems without requiring user intervention |
| **Bot** | Automated process that interacts with other network services |
| **Trojan** | Malware that is often disguised as legitimate software |
| **Ransomware** | Malware that holds the victim's data hostage by cryptography or other means |
| **Rootkit** | Masks its existence or the existence of other software |
| **Backdoor** | Enables a remote attacker to have access to or send commands to a compromised computer |
| **RAT** | Remote Access Trojan, similar to a backdoor |
| **Info Stealer** | Steals victims information, passwords, or other personal data |
| **HackTool** | Admin tools or programs that may be used by hackers to attack computer systems and networks. These programs are not generally malicious |
| **Hoax** | Program may deliver a false warning about a computer virus or install a fake AV |
| **Dropper/Downloader** | Designed to "install" or download some sort of malware |
| **Adware** | Automatically renders advertisements in order to generate revenue for its author.|
| **PUP/PUA** | Potentially Unwanted Program, sometimes added to a system without the user's knowledge or approval |
[x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Malware Techniques](https://securedorg.github.io/RE101/section2.1)