Malware Unicorn

twitter: @malwareunicorn
Company: Endgame, Inc.

Section 2: Malware Overview

Typical Attack Flow

Perimeter Recon -> Infiltrate -> Internal Recon -> Entrench -> Exfiltrate -> Purge

Malware Classes

Virus: Code that propagates (replicates) across systems with user intervention.
Worm: Code that self-propagates/replicates across systems without requiring user intervention.
Bot: Automated process that interacts with other network services.
Trojan: Malware that is often disguised as legitimate software.
Ransomware: Malware that holds the victim's data hostage by cryptography or other means.
Rootkit: Masks its own existence or the existence of other software.
Backdoor: Enables a remote attacker to access or send commands to a compromised computer.
RAT: Remote Access Trojan, similar to a backdoor.
Info Stealer: Steals the victim's information, passwords, or other personal data.
HackTool: Admin tools or programs that may be used by attackers against computer systems and networks. These programs are not generally malicious in themselves.
Hoax: Program that delivers a false warning about a computer virus or installs a fake AV.
Dropper/Downloader: Designed to "install" or download some other piece of malware.
Adware: Automatically renders advertisements in order to generate revenue for its author.
PUP/PUA: Potentially Unwanted Program/Application, sometimes added to a system without the user's knowledge or approval.