Author Topic: Malware does the four E's  (Read 2570 times)

0 Members and 1 Guest are viewing this topic.

Offline polonus

  • Avast √úberevangelist
  • Probably Bot
  • *****
  • Posts: 33669
  • malware fighter
Malware does the four E's
« on: December 20, 2005, 06:16:50 PM »
Hi malware analysts,

Malware does the four E's: Enter - Escalate - Extend - Execute.
Enter- malware may enter via a human operator, removable disks in the boot process, incoming files, downloads, email attachment, autorun, removable disks, datafiles with auto-executed scripts, hacking, the next phase is;
Escalate - this goes about extending the range of possible behaviors from whatever initial beachhead of entering, it is the second nature of malware coders - here the secondary entrance point(s) are opened: system startup axis, application startup, application extensions of aforementioned intrusion points, this is a secondary process that can not be established without the initial entering.
Extend - is the propagation or spreading from one system to another - not all malware propagates itself - some are one-off attacks, some one-offs in milion-fold by email.
Execute -  this is the execution of the payload, which may terminate all the other E's.

Always look upon malware in this sequence.

polonus
« Last Edit: December 20, 2005, 06:20:21 PM by polonus »
Cybersecurity is more of an attitude than anything else. Avast Evangelists.

Use NoScript, a limited user account and a virtual machine and be safe(r)!