Malware Threats examines malicious software in the EC-Council CEH v13 course. This module covers malware types, delivery, analysis, and countermeasures. Detonate live samples only inside an isolated, authorized lab.

Malware is code that performs unauthorized actions on a system. You learn how each type behaves so you recognize it during an engagement and defend against it.

Malware Types

| Type | Behavior |
| --- | --- |
| Virus | Attaches to files and needs a user to run it |
| Worm | Spreads on its own across a network |
| Trojan | Hides inside a useful-looking program |
| Ransomware | Encrypts data and demands payment |
| Spyware | Secretly collects user activity |
| Rootkit | Hides deep in the OS to keep access |
| RAT | Gives an attacker remote control |

A Remote Access Trojan (RAT) opens a persistent backdoor so the attacker controls the host remotely. Fileless malware runs in memory using built-in tools like PowerShell, which is a living-off-the-land approach that evades file scanners.

Malware Analysis

You study a sample in two ways.

  • Static analysis inspects the file without running it, checking strings, hashes, and headers.
  • Dynamic analysis runs the sample in a sandbox and watches behavior, network calls, and file changes.

```bash
# Static checks: hash and readable strings
sha256sum sample.bin
strings sample.bin | grep -iE "http|cmd|powershell"
```

Always analyze in an isolated virtual machine with no production access. Confirm a file's integrity using the guide to hashing files on Linux or on Windows.
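The static checks above, extended into a small triage script as an added example (not part of the original course page): it hashes the file, reads the header magic, and extracts both ASCII and UTF-16LE strings, since a plain `strings` call reports only single-byte text. The function names and the sample bytes are constructed for illustration.

```python
import hashlib
import re

# Leading magic bytes of two common executable formats.
MAGIC = {b"MZ": "MZ (DOS/PE executable)", b"\x7fELF": "ELF executable"}
# Same keywords as the grep filter in the static checks.
KEYWORDS = re.compile(r"http|cmd|powershell", re.IGNORECASE)
MIN_LEN = 4  # same default minimum run length as strings(1)

def file_type(data: bytes) -> str:
    """Identify the format from the header bytes, not the file name."""
    for magic, name in MAGIC.items():
        if data.startswith(magic):
            return name
    return "unknown"

def extract_strings(data: bytes) -> list:
    """Return printable ASCII runs plus UTF-16LE runs, which Windows
    binaries use heavily and a plain `strings` call does not report."""
    ascii_runs = re.findall(rb"[\x20-\x7e]{%d,}" % MIN_LEN, data)
    wide_runs = re.findall(rb"(?:[\x20-\x7e]\x00){%d,}" % MIN_LEN, data)
    found = [r.decode("ascii") for r in ascii_runs]
    found += [r.decode("utf-16-le") for r in wide_runs]
    return found

def triage(data: bytes) -> dict:
    """Static checks only: the bytes are read, never executed."""
    strings = extract_strings(data)
    return {
        "sha256": hashlib.sha256(data).hexdigest(),
        "type": file_type(data),
        "hits": sorted({s for s in strings if KEYWORDS.search(s)}),
    }

# Constructed sample bytes (not real malware): an MZ header, one ASCII
# string, one UTF-16LE string, and one string that matches no keyword.
SAMPLE = (
    b"MZ\x90\x00" + b"\x00" * 8
    + b"http://example.invalid/update\x00"
    + b"\x01\x02\x03"
    + "powershell.exe".encode("utf-16-le") + b"\x00\x00"
    + b"\xff\xfe\x00harmless text\x00"
)

if __name__ == "__main__":
    for key, value in triage(SAMPLE).items():
        print(f"{key}: {value}")
```

With GNU binutils, `strings -e l sample.bin` gives the same UTF-16LE coverage on the command line.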

Countermeasures

You reduce malware risk with layered defenses.

  • EDR and antivirus detect and block known and suspicious code.
  • Application whitelisting allows only approved programs to run.
  • Sandboxing isolates untrusted files before they reach users.
  • Patching closes the flaws worms and Trojans exploit.

Keep backups offline, because offline copies survive a ransomware event.

Next Steps

Capture traffic that malware and attackers generate in Sniffing. Revisit how attackers gain the foothold in System Hacking. Return to the Certified Ethical Hacker (CEH v13) Course.