From the course: Ethical Hacking: The Complete Malware Analysis Process
Contemporary malware construction
- [Instructor] In 2017, researchers in the MalwareHunterTeam discovered a new strain of dual DDOS and ransomware malware, which is known as FireCrypt. The FireCrypt ransomware is created with a malware builder dubbed BleedGreen. This uses a command-line application to automate the construction of unique FireCrypt executables. The builder can hide the FireCrypt executable using a PDF or DOC icon and make small changes to the binary file to make detection difficult. When activated on a target, the ransomware first kills the Task Manager process and then starts encrypting user files with AES-256 encryption, adding the FireCrypt extension to the names. There's also a malware builder for Android, known as the Trojan Development Kit, or TDK. In 2017, Symantec published a report on the TDK, which indicated it was readily available on Chinese websites. The kit runs as an app on an Android phone. The user completes the customization details for their trojan using the Chinese app and then hits…
Contents
- Types of malware (3m 36s)
- The evolution of malware (3m 40s)
- How malware is delivered (2m 35s)
- How malware works (3m 15s)
- How malware achieves persistence (5m)
- Digging into rootkits (4m 20s)
- Automating malware with botnets (3m 57s)
- Virus construction kits (5m 54s)
- Contemporary malware construction (2m 47s)
- The MITRE ATT&CK repository (2m)