Skip main navigation

Infected files

Article detailing the mechanisms of malware persistence by loading malware infected files.
© PA Knowledge Ltd | 7Safe Training

Infected files

This is self-explanatory, a file that contains malicious code!

Additional information…

Complex malware will more likely than not hide in plain sight. It will typically hide as an operating system file within the Windows system folder structures.

Any process executing from a user area should be a process of interest. In the event the malware is being executed from a system area, simply hash the system files and compare against a known good configuration. You can make your own or download the NRSL hash set from NIST. Click here to visit the NSRL download page.

© PA Knowledge Ltd | 7Safe Training
This article is from the free online

Introduction to Digital Forensics: Malware Analysis and Investigations

Created by
FutureLearn - Learning For Life

Our purpose is to transform access to education.

We offer a diverse selection of courses from leading universities and cultural institutions from around the world. These are delivered one step at a time, and are accessible on mobile, tablet and desktop, so you can fit learning around your life.

We believe learning should be an enjoyable, social experience, so our courses offer the opportunity to discuss what you’re learning with others as you go, helping you make fresh discoveries and form new ideas.
You can unlock new opportunities with unlimited access to hundreds of online short courses for a year by subscribing to our Unlimited package. Build your knowledge with top universities and organisations.

Learn more about how FutureLearn is transforming access to education