Author Topic: Malware does the four E's  (Read 2832 times)


polonus
« on: December 20, 2005, 06:16:50 PM »
Hi malware analysts,

Malware does the four E's: Enter - Escalate - Extend - Execute.
Enter - malware may enter via a human operator, removable disks in the boot process, incoming files, downloads, email attachments, autorun, removable disks, datafiles with auto-executed scripts, hacking; the next phase is:
Escalate - this is about extending the range of possible behaviors from whatever initial beachhead of entering; it is the second nature of malware coders. Here the secondary entrance point(s) are opened: system startup axis, application startup, application extensions of the aforementioned intrusion points. This is a secondary process that cannot be established without the initial entering.
Extend - is the propagation or spreading from one system to another. Not all malware propagates itself - some are one-off attacks, some one-offs in million-fold by email.
Execute - this is the execution of the payload, which may terminate all the other E's.

Always look upon malware in this sequence.

polonus
« Last Edit: December 20, 2005, 06:20:21 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!