Skip main navigation

Infected files

Article detailing the mechanisms of malware persistence by loading malware infected files.
Infected files

This is self-explanatory, a file that contains malicious code!

Additional information…

Complex malware will more likely than not hide in plain sight. It will typically hide as an operating system file within the Windows system folder structures.

Any process executing from a user area should be a process of interest. In the event the malware is being executed from a system area, simply hash the system files and compare against a known good configuration. You can make your own or download the NRSL hash set from NIST. Click here to visit the NSRL download page.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Reach your personal and professional goals

Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.

Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.

Start Learning now