U A N L Facultad de Ciencias Fisico Matematicas

This document discusses types of malware, malware analysis techniques, and how malware spreads. It describes four common types of malware: viruses, worms, Trojans, and ransomware. It outlines static and dynamic malware analysis approaches. Static analysis examines malware code without executing it, while dynamic analysis studies malware behavior by running it in an isolated virtual environment. The document also discusses three main vectors for malware spreading: email, web, and direct methods like infected USB drives or social engineering.

Uploaded by

AzBlexx

UNIVERSIDAD AUTÓNOMA DE NUEVO LEÓN

FACULTAD DE CIENCIAS FISICO MATEMATICAS

Practicas Avanzadas de Seguridad en Informatica


Week 8 - Malware

Instructor: Eleazar Fuentes Oaxaca


TEAM MEMBER

Gilberto Alejandro Contreras Silva – 1683471


GROUP: 006 CLASSROOM: 103

DATE: Monterrey, N.L., October 1, 2019


Content
Types of Malware
    Virus
    Worm
    Trojan
    Ransomware
Malware Analysis
    Static Malware Analysis
    Dynamic Malware Analysis
Malware Spreading

Types of Malware
Virus
Viruses are designed to damage their target computer by corrupting data, reformatting your
hard disk, or completely shutting down your system. They can also be used to steal
information, harm computers and networks, create botnets, steal money, render
advertisements, and more. A virus can copy itself and spread to other computers by
attaching itself to programs and executing code when a user runs the infected
program. A computer virus requires human action to spread to other computers and is
often spread through email attachments and internet downloads.

Worm
One of the most common types of malware, worms spread over computer networks by
exploiting operating system vulnerabilities. A worm is a standalone program that replicates
itself to infect other computers, without requiring action from anyone.
Since they can spread fast, worms are often used to execute a payload, a piece of code that
can cause damage to a system. Payloads can delete files on a host system, encrypt data for
a ransomware attack, steal information, and create botnets.

Trojan
A Trojan horse, or “Trojan”, enters your system disguised as a normal, harmless file or
program to trick users into downloading and installing malware. As soon as you install a
Trojan, you are giving cyber criminals access to your system. This allows the cybercriminal
to steal data, install more malware, modify files, monitor user activity, destroy data, steal
financial information, conduct denial of service (DoS) attacks on targeted web addresses,
and more. Trojan malware cannot replicate by itself; however, if combined with a worm, the
damage Trojans can have on users and systems is endless.

Ransomware
Ransomware is a type of malware that holds your data captive and demands payment to
release the data back to you. It restricts user access to the computer by either encrypting
files on the hard drive or locking down the system and displaying messages that are
intended to force the user to pay the attacker to release the restrictions and regain access
to the computer. Once the attacker is paid, your system and data will be back to their
original state.
Propagation of malware and cybercrime will continue to rise, and it’s important to protect
yourself and your business from malware by implementing safeguards and best practices in
computer use. The only way to stay protected or remove a malware infection is by using
anti-malware software, or antivirus.

Malware Analysis
Static Malware Analysis
Static malware analysis involves examining a given malware sample without running or
executing the code. This is usually done by determining the signature of the malware binary;
the signature is a unique identification for the binary file. Calculating the cryptographic hash
of the binary file and understanding each of its components helps determine its signature.
The malware executable is loaded into a disassembler (for example, IDA), which converts
the machine-executable code to assembly language code. Reverse-engineering the binary
in this way makes it easier for a person to read and understand. By looking at the assembly
language code, the analyst gets to understand the malware better and can form a better
idea of the functionality it is programmed to perform and the potential impact it can have
on any system and network.
Analysts use different techniques for static analysis; these include file fingerprinting, virus
scanning, memory dumping, packer detection, and debugging.
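
File fingerprinting and packer detection, two of the techniques listed above, as an added example that is not part of the original report: it hashes a PE file and scores each section's byte entropy without executing anything. The 7.2 bits-per-byte threshold and the sample bytes are assumptions made for this illustration.

```python
import hashlib
import math
import struct
from collections import Counter

def entropy(data: bytes) -> float:
    """Shannon entropy in bits per byte: 0.0 for constant data, 8.0 for uniform bytes."""
    n = len(data)
    return sum(-c / n * math.log2(c / n) for c in Counter(data).values()) if n else 0.0

def fingerprint(blob: bytes, threshold: float = 7.2) -> dict:
    """Hash a PE image and score each section's entropy; the file is only read, never run."""
    if len(blob) < 0x40 or blob[:2] != b"MZ":
        raise ValueError("not an MZ executable")
    pe = struct.unpack_from("<I", blob, 0x3C)[0]                 # e_lfanew: offset of PE header
    if blob[pe:pe + 4] != b"PE\0\0":
        raise ValueError("PE signature not found")
    try:
        nsec, opt_size = struct.unpack_from("<H12xH", blob, pe + 6)  # COFF header fields
        table, sections = pe + 24 + opt_size, []
        for i in range(nsec):                                    # 40-byte section headers
            name, _, _, rsz, rptr = struct.unpack_from("<8sIIII", blob, table + 40 * i)
            h = entropy(blob[rptr:rptr + rsz])
            sections.append((name.rstrip(b"\0").decode("latin-1"), round(h, 2), h >= threshold))
    except struct.error as exc:
        raise ValueError("truncated PE headers") from exc
    return {"sha256": hashlib.sha256(blob).hexdigest(), "sections": sections,
            "likely_packed": any(flag for _, _, flag in sections)}

def build_sample() -> bytes:
    """Constructed two-section PE skeleton: just enough header for the parser, not loadable."""
    def sec(name: bytes, size: int, ptr: int) -> bytes:
        return struct.pack("<8sIIII16x", name, size, 0, size, ptr)
    dos = b"MZ" + b"\0" * 58 + struct.pack("<I", 0x40)           # e_lfanew = 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 2, 0, 0, 0, 0, 0x102)  # 2 sections, no optional header
    hdr = dos + b"PE\0\0" + coff + sec(b".text", 512, 0x200) + sec(b"UPX1", 512, 0x400)
    code_like = b"\x55\x8b\xec\x90" * 128                        # 4 distinct bytes: entropy 2.0
    packed_like = bytes(range(256)) * 2                          # every byte value: entropy 8.0
    return hdr.ljust(0x200, b"\0") + code_like + packed_like

if __name__ == "__main__":
    report = fingerprint(build_sample())
    print("SHA-256:", report["sha256"])
    for name, h, flagged in report["sections"]:
        print(f"{name:<8} entropy={h:<5} {'HIGH (possible packer)' if flagged else 'ok'}")
```

High entropy only indicates compressed or encrypted content, so a flagged section is a prompt for closer inspection rather than a verdict.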

Dynamic Malware Analysis


Dynamic malware analysis, unlike static malware analysis, involves analysis while running
the code in a controlled environment. The malware is run in a closed, isolated virtual
environment and its behavior is then studied. The intention is to understand its functioning
and behavior and use this knowledge to stop its spread or to remove the infection.
In advanced dynamic malware analysis, debuggers are used to determine the functionality
of the malware executable. Dynamic malware analysis, unlike static analysis, is
behavior-based and hence analysts won’t miss out on important behaviors of any malware
strain.

Malware Spreading
Malware can spread in any number of ways, but there are three vector classes that are of
particular interest to modern cybersecurity experts. These are the most common methods
by which users expose themselves to malware risks:

• Email: Propagating a malware application by email is surprisingly simple and
  effective. Just like the scenario described above, attackers can send malware
  applications that start secretly collecting data the moment they are opened. Emails
  may appear to come from trusted sources such as the user’s bank, the U.S. Postal
  Service, FedEx, or trusted contacts within the user’s own list. They may feature links
  that direct the user towards convincing versions of their bank's website, compelling
  them to change their password and then sending the login information to a
  cybercriminal, or they may have infected attachments that immediately begin
  collecting data on their own once opened.
• Web: Cybercriminals can design websites that exploit system vulnerabilities, human
  error and common sense. A typical example runs like this: A pop-up ad warns users
  that they have a virus, so they need to click OK to clean their system registry and get
  rid of the virus. In fact, clicking OK is what installs the virus on the host system. Other
  variants include browser exploitation or DNS redirects.
• Direct: Direct vectors include using an infected USB device, exploiting the host
  operating system from within the network, or social engineering tactics. Social
  engineering is one of the most popular methods of gaining access to closed systems:
  the idea is to trick a user into compromising their own security. For instance, an
  attacker may scan a public LinkedIn profile to find an employee's name and title, get
  their phone number from the company website and then call them, pretending to
  be from the IT department and asking for login credentials. As simple as it sounds,
  it works surprisingly well.
