Weekly Assignment two

pcheedella
MalwareTechniques.docx

Submit a report that discusses the techniques used by malware developers to disguise their code and prevent it from being analyzed. Give suggestions on how these techniques should be classified and ranked in the disaster recovery documentation

First of all, malware is a piece of code that can harm a computer. Once malware enters a system it can corrupt files or lock the system. Some malware locks the system and demands a payment in bitcoin before it will unlock it, and some variants leave the system corrupted even after the ransom is paid. The best way to avoid malware is therefore not to open unauthorized or suspicious links, since following such links is one of the most common ways malware enters a device.

To keep malware out, defenders (users and the developers of security software) rely on several techniques that stop malware from entering the system from outside:

1) Install good antivirus software. If antivirus software is pre-installed on the device, a harmful file that tries to enter is denied permission, and if malware is already present the antivirus software removes it.

2) Train users to recognize social engineering, which is an important technique for malware developers because it gets the victim to open and run their code.

3) Discard mails or messages that have a high chance of carrying malware. Messages that contain the keywords malware campaigns use frequently can be filtered out and discarded.

4) Malware can be sent as a mobile SMS, as an email message, or as a download link on a third-party site, where a click takes the user to an external site. These are the main ways malware enters a device.

5) Malware attacks can be prevented by an automatic scan that runs whenever an external website is opened, so security software developers build that kind of software, and by classifying messages as good or bad and dropping the bad ones that are the cause of malware infections.
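The message filtering described in items 3 and 5 can be made concrete as a small scoring filter. The following Python is an added example written for this report, not code from the original text or from any product; the keyword list, the trusted-domain allowlist, the scoring weights and the sample messages are all constructed assumptions for the demonstration.

```python
import re
from urllib.parse import urlparse

# Constructed sample messages with the label a human analyst would give them.
# These are made-up SMS / e-mail bodies for illustration, not captured data.
SAMPLES = [
    ("Your package could not be delivered. Confirm your address: http://bit.ly/3xYzAbc", True),
    ("URGENT: your account is locked. Verify now at http://secure-login.example-bank.co/verify", True),
    ("Team lunch is moved to 1pm on Friday, see you there.", False),
    ("Release notes are on https://intranet.example.com/releases/1.2", False),
    ("Install the free update from http://downloads.freeware-mirror.net/setup.exe", True),
]

# Keywords that recur in malware lures (assumed list; extend it from your own mail logs).
SUSPICIOUS_KEYWORDS = {"urgent", "verify", "locked", "confirm", "password",
                       "suspended", "invoice", "prize", "winner"}
# Link shorteners hide the real destination, so they score extra.
URL_SHORTENERS = {"bit.ly", "tinyurl.com", "t.co", "goo.gl"}
# File types that execute code when opened.
EXECUTABLE_EXT = (".exe", ".scr", ".msi", ".bat", ".js", ".vbs", ".apk")
# Assumed allowlist of domains the organisation trusts.
TRUSTED_DOMAINS = {"intranet.example.com"}

URL_RE = re.compile(r"https?://[^\s<>\"']+", re.IGNORECASE)


def score_message(text):
    """Return (score, reasons) for one message body.

    Each heuristic adds to the score; the reasons list explains why, which is
    what an analyst wants to see when triaging a quarantined message.
    """
    score = 0
    reasons = []
    words = set(re.findall(r"[a-z]+", text.lower()))
    for kw in sorted(words & SUSPICIOUS_KEYWORDS):
        score += 1
        reasons.append(f"keyword:{kw}")
    for url in URL_RE.findall(text):
        parsed = urlparse(url)
        host = (parsed.hostname or "").lower()
        path = parsed.path.lower()
        if host in TRUSTED_DOMAINS:
            continue  # links to allowlisted domains are not penalised
        score += 1
        reasons.append(f"untrusted-link:{host}")
        if host in URL_SHORTENERS:
            score += 2
            reasons.append(f"shortener:{host}")
        if path.endswith(EXECUTABLE_EXT):
            score += 2
            reasons.append(f"executable-download:{path.rsplit('/', 1)[-1]}")
    return score, reasons


def is_suspicious(text, threshold=2):
    """Messages at or above the threshold are quarantined instead of delivered."""
    return score_message(text)[0] >= threshold


def classify_samples(threshold=2):
    """Run the filter over the constructed samples; returns (verdicts, accuracy)."""
    verdicts = [is_suspicious(body, threshold) for body, _ in SAMPLES]
    correct = sum(v == label for v, (_, label) in zip(verdicts, SAMPLES))
    return verdicts, correct / len(SAMPLES)


if __name__ == "__main__":
    for body, label in SAMPLES:
        score, reasons = score_message(body)
        verdict = "SUSPICIOUS" if is_suspicious(body) else "ok"
        print(f"{verdict:10} score={score} label={label} reasons={reasons}")
```

The allowlist matters as much as the keyword list: without it, every link to an internal site would earn a point and the filter would drown analysts in false positives. Weights and threshold have to be tuned against real mail volume, and a keyword-only filter is easily evaded, which is why the link and attachment-type checks carry more weight than any single word.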

The techniques malware developers use to disguise their code can be classified under wrapping (rank 1), obfuscation (rank 2) and packers (rank 3).

Examples of the techniques utilized by malware developers to evade detection are IceFog (wrapping), eXclusive OR (obfuscation), and UPX and Armadillo (packers).


These techniques can be classified and ranked as follows:

1. IceFog (rank 1) - IceFog is given here as an example of a wrapping technique, in which a process attaches or links the malicious payload to a legitimate file. The malicious payload is usually installed before the legitimate file is installed. Using static signatures to identify wrapper files is largely ineffective, since new wrappers are regularly and easily developed and such signatures usually generate false positives. This method is normally used by OS X and Windows malware distributed through pirated software and P2P networks.

2. eXclusive OR (rank 2) - XOR encoding is classified as an obfuscation technique. Obfuscation changes high-level or binary code in a way that does not affect its functionality but completely changes its binary signature; in the XOR case every byte of the payload is XORed with a key, and the same operation with the same key restores the original at run time. Obfuscation was originally used to deter reverse engineering and piracy. Malware authors have adopted the method to bypass antivirus engines and to slow down manual security research.

3. UPX and Armadillo (rank 3) - These are classified as packers (UPX is an open-source executable compressor, Armadillo a commercial software protector). Packers are software tools that compress and encode binary files, which is another kind of obfuscation. At execution time the unpacking stub, which is typically embedded with the malicious binary, unpacks the payload into memory and executes it.
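As an added example (not part of the original report, and not code from UPX, Armadillo or any other tool named above), the following Python simulates XOR obfuscation (item 2) and packing (item 3) on a constructed, inert stand-in for an executable, and runs the checks a defender would apply against each: a static signature match, a byte-entropy measurement, a known-plaintext brute force of the XOR key, and a signature match on the unpacked in-memory image. zlib stands in for the compression a real packer performs; PAYLOAD, SIGNATURE and the key 0x5A are assumptions constructed for the demonstration.

```python
import math
import zlib
from collections import Counter
from typing import Optional

# Constructed stand-in for a malicious executable: the 'MZ' magic that real
# Windows PE files start with, the familiar DOS-stub string, long zero runs
# (as real binaries have), and a marker string a signature scanner keys on.
# This is inert test data, not real malware.
SIGNATURE = b"EVIL_MARKER_STRING"
PAYLOAD = (b"MZ\x90\x00"
           + b"This program cannot be run in DOS mode.\r\n"
           + b"\x00" * 200
           + SIGNATURE
           + b"\x00" * 64)


def signature_matches(blob: bytes, signature: bytes = SIGNATURE) -> bool:
    """What a static byte-pattern scanner does: look for the known string."""
    return signature in blob


def xor_encode(data: bytes, key: int) -> bytes:
    """Single-byte XOR obfuscation. XOR is its own inverse, so the same call
    with the same key is the decoder the malware runs at start-up."""
    return bytes(b ^ key for b in data)


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; values near 8.0 mean random-looking (compressed or encrypted)."""
    if not data:
        return 0.0
    n = len(data)
    return -sum(c / n * math.log2(c / n) for c in Counter(data).values())


def pack(data: bytes) -> bytes:
    """Toy packer: compress the image. A real packer also prepends a stub that
    performs unpack() in memory and jumps to the result."""
    return zlib.compress(data, 9)


def unpack(blob: bytes) -> bytes:
    return zlib.decompress(blob)


def run_packed(blob: bytes) -> bool:
    """Simulates execution: the image is unpacked in memory, where a memory
    scanner sees the original bytes again. Returns whether the signature hits
    on the in-memory image."""
    return signature_matches(unpack(blob))


def recover_xor_key(blob: bytes, known_prefix: bytes = b"MZ") -> Optional[int]:
    """Known-plaintext attack on single-byte XOR: try all 256 keys and keep
    the one that turns the leading bytes into the expected file magic."""
    for key in range(256):
        if xor_encode(blob[:len(known_prefix)], key) == known_prefix:
            return key
    return None


if __name__ == "__main__":
    encoded = xor_encode(PAYLOAD, 0x5A)
    packed = pack(PAYLOAD)
    for name, blob in (("plain", PAYLOAD), ("xor 0x5A", encoded), ("packed", packed)):
        print(f"{name:9} sig hit={signature_matches(blob)!s:5} "
              f"entropy={shannon_entropy(blob):.2f} bits/byte size={len(blob)}")
    print("recovered XOR key: 0x%02X" % recover_xor_key(encoded))
    print("signature hits after unpack in memory:", run_packed(packed))
```

Two points the numbers make. Single-byte XOR destroys the static signature but leaves the entropy exactly unchanged, because it only permutes byte values, so an entropy heuristic will not flag it while a 256-key brute force against the expected MZ magic recovers the key instantly. Packing raises the entropy sharply and also hides the signature on disk, yet the signature reappears in the unpacked in-memory image, which is why scanning memory after the unpacking stub has run is the usual counter to packers.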