Jump to content

Which are various malware types?


Winke
 Share

Recommended Posts

Which are varios malvare types and computer virus types? What it mean if Malvare reports about something virus? Could you give me a list about computer virus types whom Malware has noticed. Especially I´m interested about various malvare and computer virus codes which Malware could notify in a report.

Link to post
Share on other sites

I don't understand what is meant by " whom Malware has noticed " so I'll keep this in General Terms.

First we'll start with the overarching concept of malware which is the concatenation of terms MALicious and softWARE.

There are three basic sub-types of malware;  trojans, viruses and exploit code.

1.  trojans - Trojans are the largest sub-type and contains many forms and variations.  Trojans are malicious code that require assistance to "infect".  It could be through explotation such as social Engineering or software exploitation.

Some example type of trojans are;  porn dialers, data and password stealers, trojanizers/patchers, backdoors and Remote Access Trojans ( RATs ), keyloggers, downloaders, injectors,   Each may have sub-types of their own.  For example there are QRATs and JRATs.

2. Exploits - Exploit code can be any kind of code that exploits a vulnerability or a functionality in an unintended fashion.  For example a Wimad trojan exploits Windows Digital Rights Management ( DRM ).  The Lovsan/Blaster worm was both a virus and used exploitation.  It exploited a vulnerability in RPC/RPCSS and used TCP port 445 to infect a computer and spread the infection.

3. Viruses - Viruses are a kind of malicious code that is able to spread autonomously.  Unlike  a trojan which needs assistance to spread, a virus can infect data files, media, executable binaries and that can be used to spread the infection.  Such as file to file or file to computer or file to media and media to computer.  For example a file infecting virus may inject malicious code into an executable file.  It may prepend, append or cavity inject the malicious code into a legitimate file.  Once that file is infected it may spread the infection to other other files and computers.  Two examples  are the Virut and Sallity.

Another form of virus used the boot sector of the older File Allocation Table ( pre-NTFS ) such as the NYB and Form viruses.  The infected computer would pass the infection to a floppy which could then infect another computer when that floppy was read.

Another form of virus is the Macro Virus.  it took advantage of VB macros in Microsoft Office.  If an infected document is opened then MS Office would be infected which would, in turn, infect non-infected documents.  Those infected documents could infect other systems.  This type of virus was one of the first to cross the OS barrier as long as MS Office was installed under that OS. 

[ Personally, I prefer calling them a parasite due to the fact it only "lives" in the MS Office environment. ]

There are also sub-types of viruses such as worms.   They, in-turn, also have sub-types such as internet worms, and AutoRun Worms.    Internet Worms use TCP/IP protocols such as the Lovsan/Blaster using TCP port 445.  Or it can use email ( SMTP ), NetBIOS over IP, SMB, NNTP, etc.  AutoRun worms use the AutoRun and AutoPlay OS facility in removable media to spread from PC to media and from media.

Some may combine aspects like the Lovsan/Blaster using both exploit code and being an Internet worm.

Today the vast majority of malware are trojans.  Due to newer constructs in Win32 and Win64 and NTFS, many viruses have died off.  You won't see viruses like the Melissa virus anymore.

** Note that I have provided a Reader's Digest version of information in monologue and I have simplified the explanations.

Edited by David H. Lipman
Edited for content, clarity, spelling and grammar
Link to post
Share on other sites

  • Staff

You can find a lot of detailed information about various threats and types of threats in the Malwarebytes Labs Threat Center here as well as a more general glossary of terms, including many basic threat types and categories here.

You can also find a lot of useful info about recent threats as well as security tips in the Malwarebytes Blog located here.

Link to post
Share on other sites

Create an account or sign in to comment

You need to be a member in order to leave a comment

Create an account

Sign up for a new account in our community. It's easy!

Register a new account

Sign in

Already have an account? Sign in here.

Sign In Now
 Share

  • Recently Browsing   0 members

    • No registered users viewing this page.
Back to top
×
×
  • Create New...

Important Information

This site uses cookies - We have placed cookies on your device to help make this website better. You can adjust your cookie settings, otherwise we'll assume you're okay to continue.