securedorg.github.io/malware.md
2017-03-20 16:55:23 -07:00


---
layout: default
permalink: /RE101/section2/
title: Malware Techniques
---
[Go Back to Reverse Engineering Malware 101](https://securedorg.github.io/RE101/)
# Section 2: Malware Overview #
## Typical Attack Flow ##
| Perimeter Recon | Infiltrate | Internal Recon | Entrench | Exfiltrate | Purge |
| ------------ |:------------:|:------------:|:------------:|:------------:|:------------:|
| ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) | ![alt text](https://securedorg.github.io/images/rightarrow.png) |
## Malware Classes ##
| Class | Description |
| --- | --- |
| **Virus** | code that propagates (replicates) across systems with user intervention |
| **Worm** | code that self-propagates/replicates across systems without requiring user intervention |
| **Bot** | automated process that interacts with other network services |
| **Trojan** | malware that is often disguised as legitimate software |
| **Ransomware** | malware that holds the victim's data hostage by cryptography or other means |
| **Rootkit** | masks its existence or the existence of other software |
| **Backdoor** | enables a remote attacker to have access to or send commands to a compromised computer |
| **RAT** | Remote Access Trojan, similar to a backdoor |
| **Info Stealer** | steals victims' information, passwords, or other personal data |
| **HackTool** | admin tools or programs that may be used by hackers to attack computer systems and networks. These programs are not generally malicious |
| **Hoax** | program that may deliver a false warning about a computer virus or install a fake AV |
| **Dropper/Downloader** | designed to "install" or download some sort of malware |
| **Adware** | automatically renders advertisements in order to generate revenue for its author |
| **PUP/PUA** | Potentially Unwanted Program, sometimes added to a system without the user's knowledge or approval |
[x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Malware Techniques](https://securedorg.github.io/RE101/section2.1)