---
layout: default
permalink: /RE101/section2/
title: Malware Techniques
---

[Go Back to Reverse Engineering Malware 101](https://securedorg.github.io/RE101/)

# Section 2: Malware Overview #

## Typical Attack Flow ##

| Perimeter Recon | Infiltrate | Internal Recon | Entrench | Exfiltrate | Purge |
| ------------ |:------------:|:------------:|:------------:|:------------:|:------------:|
| ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) |

## Malware Classes

| Class | Description |
| --- | --- |
| **Virus** | Code that propagates (replicates) across systems with user intervention |
| **Worm** | Code that self-propagates/replicates across systems without requiring user intervention |
| **Bot** | Automated process that interacts with other network services |
| **Trojan** | Malware that is often disguised as legitimate software |
| **Ransomware** | Malware that holds the victim's data hostage by cryptography or other means |
| **Rootkit** | Masks its existence or the existence of other software |
| **Backdoor** | Enables a remote attacker to have access to or send commands to a compromised computer |
| **RAT** | Remote Access Trojan, similar to a backdoor |
| **Info Stealer** | Steals the victim's information, passwords, or other personal data |
| **HackTool** | Admin tools or programs that may be used by hackers to attack computer systems and networks. These programs are not generally malicious |
| **Hoax** | Program may deliver a false warning about a computer virus or install a fake AV |
| **Dropper/Downloader** | Designed to "install" or download some sort of malware |
| **Adware** | Automatically renders advertisements in order to generate revenue for its author. |
| **PUP/PUA** | Potentially Unwanted Program, sometimes added to a system without the user's knowledge or approval |

[x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Malware Techniques](https://securedorg.github.io/RE101/section2.1)