Malware is malicious software that gives the attacker full or limited control over the target system once it gets in. It can damage or modify information on the system and also steal information from it. There are various types of malware, such as viruses, Trojans, worms, rootkits, spyware and ransomware. Malware might enter the system through emails, file transfers, installation of random third-party software, or the lack of quality anti-virus software.
Trojan Virus and its types:
A Trojan virus disguises itself as legitimate software. It can enable spying, theft of sensitive data and backdoor access to the target system. Trojans can delete, block, modify and copy data and disrupt the performance of the system. They are classified into different types based on the actions they perform: Backdoor, Exploit, Rootkit, Trojan Banker, Trojan DDoS, Trojan Downloader, Trojan Dropper, Command Shell Trojan, Defacement Trojan, Proxy Server Trojan, Remote Access Trojan and Botnet Trojans.
Difference between virus and worm:
| Virus | Worm |
|---|---|
| A virus attaches to a program or file and keeps spreading from one system to another. | A worm is a subclass of virus that is similar in design and replicates from one computer to another. |
| A virus replicates and executes itself. | Worms exploit an OS that has weak security. |
| A virus alters the system without the knowledge of the user. | A worm causes the system or network to stop responding. |
| Spreads at the same speed as programmed. | Worms spread faster than viruses. |
Anti-virus sensor systems:
Antivirus or antimalware software is used to identify, prevent or remove malware present in the system. It can perform system checks and update the security of the system on a regular basis. Various antivirus products are available on the market, both free and paid.
Malware analysis procedure:
The malware analysis procedure involves a set of steps, which include:
- Allocate a physical or virtual system – Infect the system with malware and identify the responses of the system. This lets us find ways to prevent or erase infections in case they happen.
- Make use of analysis tools – Find previous malware attacks on the system and get a detailed analysis.
- Static property analysis – Analyze the static properties of the sample; this is used to detect worms, viruses, Trojans, etc.
- Interactive behavior analysis – Interact with the malware and identify its reactions based on our actions.
- Manual code reversing – Decrypt the data to find the algorithm which generated the malware in the first place.
- Combining malware analysis steps – Combine any two or more of the above steps to find a combined solution.