Introduction to Malware: Definition, Attacks, Types and Analysis

Types of Malware

Virus: Malware that needs human intervention to run and execute.

  • File viruses: Infect other files when the infected executable is opened.
  • Macro viruses: These viruses are written in VBS; once the infected file is opened, the macro executes and infects other files.
  • Master boot record viruses: Alter or delete the boot records.
  • Polymorphic viruses: These viruses are complex file infectors that create modified versions of themselves to avoid detection while retaining the same basic routines after every infection.
  • Stealth viruses: Hide themselves in other legitimate files or services.
  • Remote Access Trojans: Allow the attacker to take remote control of the victim's system without their knowledge, through covert channels.
  • Data Sending Trojans: These trojans steal sensitive data from the system and send it to the attacker.
  • Destructive Trojans: Destroy other files and services.
  • Security software disabler Trojans: These trojans disable the firewall and antivirus (runtime protection features) so that other malware can execute quickly without being detected.

Introduction of Malware Analysis Techniques

The art of capturing malware and analysing its behaviour, its detection and its prevention is called malware analysis. Antivirus companies perform malware analysis to update their detection signatures so that malware can be detected and removed more easily. If you are in cybersecurity, malware analysis is one of the best career streams you can choose to enter.

  • You will need a fundamental understanding of assembly language.
  • You need to understand what you are looking for, and that comes with practice and experience.
  • Network behaviour
  • File system behaviour
  • Registry changes
  • System changes
  • Some malware quickly detects whether it is running in a lab or in an open environment, and then may not run properly under analysis tools.
  • Some malware will execute only under specific conditions.
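One way to record the file system behaviour listed above, as an added example that is not part of the original article: hash every file in a directory before and after a sample runs in an isolated lab, then classify what was created, modified or deleted. The "sample run" here is a constructed, benign stand-in that only touches files in a temporary directory.

```python
import hashlib
import tempfile
from pathlib import Path


def _sha256(path: Path) -> str:
    """Stream a file through SHA-256 so large files do not need to fit in memory."""
    h = hashlib.sha256()
    with path.open("rb") as f:
        for chunk in iter(lambda: f.read(65536), b""):
            h.update(chunk)
    return h.hexdigest()


def snapshot(root: str) -> dict:
    """Map every regular file under root (path relative to root) to its SHA-256."""
    root_path = Path(root)
    return {
        str(p.relative_to(root_path)): _sha256(p)
        for p in root_path.rglob("*")
        if p.is_file()
    }


def diff_snapshots(before: dict, after: dict) -> dict:
    """Classify the file-system changes between two snapshots."""
    return {
        "created": sorted(set(after) - set(before)),
        "deleted": sorted(set(before) - set(after)),
        "modified": sorted(p for p in before.keys() & after.keys() if before[p] != after[p]),
    }


def demo() -> dict:
    """Constructed demo: a benign stand-in for a sample that drops, modifies and deletes files."""
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp)
        (root / "report.docx").write_bytes(b"clean document")
        (root / "notes.txt").write_bytes(b"untouched")
        (root / "old.log").write_bytes(b"rotate me")
        before = snapshot(tmp)
        # Simulated sample behaviour (constructed, not real malware):
        (root / "dropper.exe").write_bytes(b"MZ placeholder")          # drops a new file
        (root / "report.docx").write_bytes(b"clean document + appended")  # modifies a file
        (root / "old.log").unlink()                                        # deletes a file
        after = snapshot(tmp)
        return diff_snapshots(before, after)


if __name__ == "__main__":
    print(demo())
```

Registry and network behaviour need their own collectors (for example a registry export taken before and after, or a packet capture on the lab network), but the same before/after diff applies.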
