Persistence mechanisms
Persistence
Malware can be persistent or non-persistent. Malware persistence simply refers to the ability to survive a program closing down (such as a browser for example) or a computer being rebooted. Non-persistence simply means the opposite. Malware will not run following the restart of a program or the rebooting of a computer.
Persistence will require a mechanism to restart the malware. The following are the methods used to enable this:
• Windows Registry
• Start-up scripts & related
• Start-up folders
• Task scheduler
• System processes/services
• Infected files
• Other Triggers
We will take a closer look at these persistent mechanisms in this section.
Introduction to Digital Forensics: Malware Analysis and Investigations
Introduction to Digital Forensics: Malware Analysis and Investigations
Reach your personal and professional goals
Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.
Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.
