Malware is an executable binary that is malicious in nature. Attackers can use malware to perform a variety of malicious actions, such as spying on the target with keyloggers or RATs, deleting data, or encrypting data for “ransom”.
Types of Malware:
Malware is designed to perform malicious actions, and different types have different functionality. The various types of malware are:
- Trojans –
Trojans can destroy or exfiltrate data and can also be used for spying.
- RATs –
This type of malware allows an attacker to remotely access the system and execute commands on it.
- Ransomware –
Ransomware encrypts all files on the system and holds the system and its data for ransom.
- Dropper –
A dropper's functionality is to download/drop additional malware.
What is Malware Analysis?
Malware analysis is the study or process of determining the functionality, origin and potential impact of a given malware sample and extracting as much information from it as possible. The extracted information helps to understand the functionality and scope of the malware, how the system was infected and how to defend against similar attacks in the future.
- To understand the type of malware and its functionality.
- To determine how the system was infected by the malware and whether it was a targeted attack or a phishing attack.
- To understand how the malware communicates with the attacker.
- To enable future detection of the malware and generate signatures.
Types of Malware Analysis:
- Static analysis –
It is the process of analyzing the malware without executing or running it. This analysis is used to extract as much metadata from the malware as possible, such as PE headers, strings, etc.
- Dynamic analysis –
It is the process of executing the malware and analyzing its functionality and behavior. This analysis helps to determine what the malware does during execution, using a debugger.
- Code analysis –
It is the process of analyzing/reverse engineering the assembly code. It is a combination of both static and dynamic analysis.
- Behavioral analysis –
It is the process of analyzing and monitoring the malware after execution. It involves monitoring the processes, registry entries and network monitoring to determine the workings of the malware.
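
A sketch of the static-analysis step described above, added here as an example and not part of the original article: it reads PE header metadata and printable strings from a file's bytes without executing it. The sample buffer built by `build_sample`, including its URL and registry-style string, is constructed for illustration.

```python
import re
import struct
from datetime import datetime, timezone

MACHINES = {0x14C: "x86", 0x8664: "x64", 0xAA64: "arm64"}

def parse_pe_headers(data: bytes) -> dict:
    """Read DOS, COFF and section headers; the file is never executed."""
    if len(data) < 0x40 or data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    (e_lfanew,) = struct.unpack_from("<I", data, 0x3C)  # offset of the PE header
    if e_lfanew + 24 > len(data) or data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    machine, nsec, stamp, _, _, opt_size, chars = struct.unpack_from(
        "<HHIIIHH", data, e_lfanew + 4)
    table = e_lfanew + 24 + opt_size  # section table follows the optional header
    sections = []
    for i in range(nsec):
        off = table + 40 * i
        if off + 40 > len(data):
            raise ValueError("truncated section table")
        name, vsize, _vaddr, rsize, _rptr = struct.unpack_from("<8sIIII", data, off)
        sections.append({"name": name.rstrip(b"\0").decode("ascii", "replace"),
                         "virtual_size": vsize, "raw_size": rsize})
    return {"machine": MACHINES.get(machine, hex(machine)),
            "compiled": datetime.fromtimestamp(stamp, timezone.utc).isoformat(),
            "is_dll": bool(chars & 0x2000),  # IMAGE_FILE_DLL flag
            "sections": sections}

def extract_strings(data: bytes, min_len: int = 5) -> list:
    """Return printable ASCII runs, similar to the `strings` utility."""
    pattern = rb"[\x20-\x7e]{%d,}" % min_len
    return [m.decode("ascii") for m in re.findall(pattern, data)]

def build_sample() -> bytes:
    """Constructed, non-functional PE-shaped buffer used only as parser input."""
    dos = b"MZ" + b"\0" * 0x3A + struct.pack("<I", 0x40)
    coff = b"PE\0\0" + struct.pack("<HHIIIHH", 0x14C, 2, 1500000000, 0, 0, 0, 0x0102)
    text = struct.pack("<8sIIII", b".text", 0x1000, 0x1000, 0x200, 0x200) + b"\0" * 16
    data = struct.pack("<8sIIII", b".data", 0x400, 0x2000, 0x200, 0x400) + b"\0" * 16
    tail = b"\0\0http://example.invalid/update\0SOFTWARE\\Example\0"
    return dos + coff + text + data + tail

if __name__ == "__main__":
    sample = build_sample()
    print(parse_pe_headers(sample))
    print(extract_strings(sample))
```

The compile timestamp, section sizes and embedded strings such as URLs or registry paths are the kind of metadata that feeds the later goals listed above: identifying functionality, communication endpoints and candidate signatures.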