11.2 Malware Part 2 (FI)

00:01

Hey, everyone, welcome back to the course of the last video. We talked about the different types of malware we went we might see.

00:07

And this video. We're gonna talk about the different components of malware.

00:11

So we have things like the crypt er, downloader, dropper, exploit injector, opera skater, Packer and payload. So we'll talk about each one of those. And again, you're gonna notice that some of the descriptions are similar in what they do. But you just want to know all of these terms for the exam itself.

00:28

So crypt er, this one's used to conceal the actual existence of the malware eso through things like obfuscation, manipulation. And this, well, is encryption and encryption being part of the most common one to office Kate Stuff

00:42

dial motor. So there's gonna be things like your Trojan right that that then contains ah, you know, additional malware. Select a root kit, for example.

00:50

And this one is gonna wait for an Internet connection to then download. So in most cases, it'll be something like, you know, it could be like you plug in a USB drive to your computer and then as you connect to the Internet, most people already connected. But if you not connected, he knew you. Then connect

01:07

the Trojan will then activate and then download the other Malli Mauer from wherever else, right?

01:11

Or it could be a situation where you're visiting a website. You got that Internet connection, and then it drops on your system.

01:18

So speaking of dropping right, uh, the dropper is used to install them. Our on the system generally covert. So the example I talked about in the previous video where I was running a sandbox, it had adobe flash export. I believe that's what it was dropped on my system from, like, Forbes or one of those websites through Maverick Rising.

01:38

Um,

01:38

generally speaking, in most cases it's pretty covert. S. O U s, the end user don't even know that

01:46

exploit, as the name implies, is just the code that actually takes advantage of a particular vulnerability or weakness on and then exploit it as the name implies

01:56

injector. So this one injects the malicious code into the running processes, and best way office gets itself

02:05

office gator, as we kind of talked about before with, you know, encryption of stuff. Afis cation is just used to conceal the malicious code. So we think it's something else.

02:15

The Packer compresses. Male were files. What kind of talk about that when we talk about static malware analysis again, when we go into the malware analysis, we're just hitting at a very high level. This is not a Mauer reversing course. You'll see. You'll hear me mention that again once we jump into the next video

02:30

on, then essentially, this is to make the Packers used to make it an unreadable format. So until we unpack it, we can't actually see what the code looks like.

02:40

And then finally, the payload. You know that we hear that terminology out there. A lot of this is just basically what performs and desired activity, right? So that exploit and then, you know, then and then performs whatever activity we actually wanted the malware to to do