During an investigation you find that newly compromised Windows hosts are infected minutes apart. Logs show the malware exploiting TCP port 445 (EternalBlue) to copy itself directly into the %SystemRoot% directory of remote machines, then immediately scanning the subnet for additional vulnerable targets. No legitimate executable files are altered and no user interaction is required for the spread. How should you classify this malicious code?
A macro virus that leverages Office documents for distribution
A polymorphic ransomware strain that encrypts user data
A self-replicating network worm that propagates without a host file
A file-infector virus that appends its code to executable programs
Malware that transfers a stand-alone copy of itself across network connections and runs without modifying existing files is defined as a worm. The hallmark of a worm is autonomous propagation-after initial execution it locates other systems and replicates over the network (in this case via SMB on port 445). A file-infector virus, in contrast, must attach its code to host executables; a macro virus embeds itself in document macros; ransomware is categorized by its goal of encrypting data for payment, not by its propagation method. Because the observed sample spreads automatically and does not attach to files, it fits the definition of a network worm.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is SMB on port 445?
Open an interactive chat with Bash
How does a worm differ from other types of malware?
Open an interactive chat with Bash
What is the EternalBlue exploit and how does it work?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
System Hacking Phases and Attack Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99 $11.99
$11.99/mo
Billed monthly, Cancel any time.
$19.99 after promotion ends
3 Month Pass
$44.99 $26.99
$8.99/mo
One time purchase of $26.99, Does not auto-renew.
$44.99 after promotion ends
Save $18!
MOST POPULAR
Annual Pass
$119.99 $71.99
$5.99/mo
One time purchase of $71.99, Does not auto-renew.
$119.99 after promotion ends
Save $48!
BEST DEAL
Lifetime Pass
$189.99 $113.99
One time purchase, Good for life.
Save $76!
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .