A characterisation of system-wide propagation in the malware landscape
System-wide propagation is frequently observed in malware, and there are several resources, like blog posts and similar, that detail some of the techniques used. However, there is currently no thorough study on the subject at large, and the full extent of system-wide malware propagation remains unknown. In this paper, we perform a systematic study on many real-world samples to comprehensively characterise system-wide propagation within the malware landscape and the goal is to use detailed and precise analyses to derive high-level views. We achieve this by collecting a diverse set of malware samples, analyse them in our Minerva malware analysis framework and then extract vast amounts of statistics about the results. We use these results to provide an in-depth discussion centred on four main research questions.
READ FULL TEXT