System processes/services
System processes/services
Running processes or services can also execute programs or load files as part of their function. This can therefore load files containing malicious code.
Additional information…
Complex malware may well have a minder program or service running monitoring it. Should the malware process be terminated, the minder process or service will restart the malware to maintain the infection.
One example is the Dark Comet remote access Trojan (RAT). This malware has a minder program running which will restart the malware in the event it’s process is unexpectedly terminated whilst the computer is running. Information about Dark Comet is readily available on the World Wide Web.
Introduction to Digital Forensics: Malware Analysis and Investigations
Introduction to Digital Forensics: Malware Analysis and Investigations
Reach your personal and professional goals
Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.
Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.
