Exam 312-50v13 topic 1 question 207 discussion

Actual exam question from ECCouncil's 312-50v13
Question #: 207
Topic #: 1

A multinational corporation's computer system was infiltrated by an advanced persistent threat (APT). During forensic analysis, it was discovered that the malware was utilizing a blend of two highly sophisticated techniques to stay undetected and continue its operations.
Firstly, the malware was embedding its harmful code into the actual binary or executable part of genuine system files rather than appending or prepending itself to the files. This made it exceptionally difficult to detect and eradicate, as doing so risked damaging the system files themselves.
Secondly, the malware exhibited characteristics of a type of malware that changes its code as it propagates, making signature-based detection approaches nearly impossible.
On top of these, the malware maintained a persistent presence by installing itself in the registry, making it able to survive system reboots.
Given these distinctive characteristics, which two types of malware techniques does this malware most closely embody?

  • A. Polymorphic and Metamorphic malware
  • B. Polymorphic and Macro malware
  • C. Macro and Rootkit malware
  • D. Metamorphic and Rootkit malware
Suggested Answer: A

Comments

KnightHeart
2 weeks ago
Selected Answer: D
D. Metamorphic and Rootkit malware
Metamorphic: Explains the code rewrite capability (changing code structure entirely).
Rootkit: Explains embedding in system binaries and persistent registry installation.
Alignment with Characteristics: Metamorphic mutation evades signatures. Rootkit techniques enable stealthy system file modification and persistence.
upvoted 1 times
...
KnightHeart
3 weeks, 5 days ago
Selected Answer: D
"the malware maintained a persistent presence by installing itself in the registry, making it able to survive system reboots." means it is a rootkit
upvoted 1 times
...
ehsarx
3 months, 1 week ago
Selected Answer: A
For the reasons said before
upvoted 2 times
...
marcel9999
3 months, 1 week ago
Selected Answer: A
Since the malware modifies its code dynamically (polymorphic) and integrates itself into system binaries (metamorphic),
upvoted 3 times
...
Dogeo
3 months, 4 weeks ago
Selected Answer: B
Since the malware modifies its code dynamically (polymorphic) and integrates itself into system binaries (metamorphic),
upvoted 2 times
...
Community vote distribution: A (35%, most voted), C (25%), B (20%), Other