GIAC
GCIH · Question #285
GCIH Question #285: Real Exam Question with Answer & Explanation
The correct answer is A: NetBus. Binding a Trojan to a legitimate file requires three components: the Trojan payload itself, a file binder utility to merge the two executables, and the legitimate host file used as the carrier.
Malware Analysis & Advanced Persistent Threats
Question
Your friend plans to install a Trojan on your computer. He knows that if he gives you a new version of chess.exe, you will definitely install the game on your computer. He picks up a Trojan and joins it with chess.exe. Which of the following tools are required in such a scenario? Each correct answer represents a part of the solution. Choose three.
Options
- A. NetBus
- B. Absinthe
- C. Yet Another Binder
- D. Chess.exe
Explanation
Binding a Trojan to a legitimate file requires three components: the Trojan payload itself, a file binder utility to merge the two executables, and the legitimate host file used as the carrier.
Common mistakes.
- B. Absinthe is an automated blind SQL injection exploitation tool used against databases and plays no role in binding or delivering Trojan payloads via file bundling.
Concept tested. Trojan delivery via file binding with a legitimate executable
Topics
#Trojan horse · #file binder · #NetBus · #malware bundling