From the course: Ethical Hacking: The Complete Malware Analysis Process
How malware works
- [Instructor] Once malware has been delivered, it needs to execute. If it's an executable file such as a Trojan, this occurs when the user clicks on it. If it's been carried in a remote exploit, then it executes after the exploit code penetrates the target and passes control to it. Malware may be designed to be executed immediately or it may be a backdoor designed to be dropped onto the target and remain latent for longer term use. Sofacy is a cyber espionage campaign which appears to have started in about 2008 and run for most of the next decade. Also known as Fancy Bear and Advanced Persistent Threat 28, it's been used in attacks on NATO and east European governments, and military targets of interest to Russia. Sofacy's reach can be seen in this graphic which shows where phishing emails and lures have been detected. Sofacy is a campaign which has over the years used a variety of tools and has been updated and rebuilt for various software platforms. A typical Sofacy attack starts with an…
Contents
- Types of malware (3m 36s)
- The evolution of malware (3m 40s)
- How malware is delivered (2m 35s)
- How malware works (3m 15s)
- How malware achieves persistence (5m)
- Digging into rootkits (4m 20s)
- Automating malware with botnets (3m 57s)
- Virus construction kits (5m 54s)
- Contemporary malware construction (2m 47s)
- The MITRE ATT&CK repository (2m)