Malware is a broad term that refers to malicious software. The label is based largely on the intent and purpose of the software. Malware is generally composed of three main components, which also determine how it is classified.
The concealer is the function or feature of malware that enables it to remain unpredictable or undetected, even by antimalware programs. It needs to stay hidden: the longer it stays hidden, the more time it will have to infect your system.
The replicator deals with the spreading of malware, depending on its nature. It allows any piece of the malware to move around, and it may be automated or semi-automated.
The bomb is the feature or function that causes the actual damage or defines the true intent of the malware with regard to a target device. The bomb allows you to understand the full intent of the malware. It is the actual payload, because it shows the true functionality of the malware.
Please see the reference image below to understand it.
How malware enters your system
In this section, we will also understand the concealer, replicator, and bomb more closely.
While using the internet, we sometimes download unknown software or programs to solve everyday problems. But we are not aware of the malware hidden in this unknown software.
Bad guys trick the user into downloading and opening a malicious document. The concealer hides the malware in common software to make it undetectable. The replicator could be hidden behind a pop-up window that says “yes” or “no” to opening the document.
When you click the “yes” or “no” button, the actual malware is downloaded to your system, and thanks to the concealer it remains hidden. You don’t know what is happening in your system. The actual malware executable is then downloaded; it encrypts the data on your system with strong encryption and tells the victim to pay a ransom to have it decrypted. Now you have received the bomb, and your system has been attacked with it. You will see that all your data is encrypted, and you will see a message telling you to pay the ransom to decrypt your data.
Types of malware
Malware can be classified based on its nature and functionality. There are many types of malware, but we will discuss only some of them here. The main types are:
A virus is malicious software with the replicator as its key component. The replicator in a virus requires it to piggyback on, or rather attach itself to, another program for it to be able to spread.
Worms are also like viruses, but a worm spreads itself with a host program to edit. So both are classified based on the replicator.
Trojans are based on concealers and bombs. First of all, a Trojan disguises itself as legitimate software, which is the concealer part, and the bomb is its functionality. It is not intended to do harm. It is intended to exfiltrate information.
What is Malware Analysis?
Malware analysis is an investigative process aimed at gaining inside knowledge of how malicious software works and what its intent is on a system. This includes how it replicates, how it conceals itself, and what its intent is. If it has been reproduced a number of times, you will have different strains of the same malware; this is usually done to adopt new technologies.
With malware analysis, you can understand the functionality of the malware and the perpetrator’s intent, and measure the extent of the damage if it is exploited. You can also derive proper signatures, which are indicators of compromise, for use in antimalware systems.
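The sketch below is an added illustration, not code from the original article. It shows why analysis produces byte-pattern signatures as well as file hashes: a hash matches only the exact strain that was analysed, while a pattern with wildcards still matches a modified strain. The sample bytes, the pattern and all names are constructed for the example.

```python
import hashlib
import re

# Constructed, harmless byte strings standing in for two strains of one
# sample plus an unrelated clean file. None of this is real malware.
STRAIN_A = b"MZ\x90\x00stub-v1 KEY=alpha;\xde\xad\xbe\xef tail"
STRAIN_B = b"MZ\x90\x00stub-v2-repacked KEY=bravo;\xde\xad\xbe\xef other tail"
CLEAN = b"MZ\x90\x00an ordinary program with KEY=value; settings"


def hash_signature(sample: bytes) -> str:
    """Exact-match signature: SHA-256 of the whole file."""
    return hashlib.sha256(sample).hexdigest()


def compile_pattern(hex_pattern: str) -> "re.Pattern[bytes]":
    """Compile 'DE AD ?? EF' style hex into a regex; '??' matches any byte."""
    parts = [b"." if tok == "??" else re.escape(bytes.fromhex(tok))
             for tok in hex_pattern.split()]
    return re.compile(b"".join(parts), re.DOTALL)


# Signatures an analyst might record after examining STRAIN_A only.
KNOWN_HASHES = {hash_signature(STRAIN_A)}
PATTERNS = {
    # "KEY=" + five variable bytes + ";" + fixed marker DE AD BE EF
    "family_pattern": compile_pattern(
        "4B 45 59 3D ?? ?? ?? ?? ?? 3B DE AD BE EF"),
}


def scan(sample: bytes) -> list:
    """Return the names of every signature that matches the sample."""
    hits = ["hash"] if hash_signature(sample) in KNOWN_HASHES else []
    hits += [name for name, pat in PATTERNS.items() if pat.search(sample)]
    return hits


if __name__ == "__main__":
    for label, data in [("strain A", STRAIN_A), ("strain B", STRAIN_B),
                        ("clean", CLEAN)]:
        print(label, scan(data))
```

The clean file contains a `KEY=value;` string but not the fixed marker, so the pattern does not fire on it; a signature that is too loose would produce false positives on ordinary software.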