|
Once the malicious software has been delivered to the target system in one way or another (web site, email attachment, ...), the malicious code executes and attempts to exploit a weakness in the target system to run successfully. |
If the exploit is successful, the malicious code will execute and usually attempt the following:
•Create persistence to remain active even after a reboot, logoff etc.
•Propagate on the network to infect more systems. Since propagation carries the risk of easier detection, it is usually only done when it benefits the purpose of the infection (botnet, mining, ransomware, ...)
•Execute the payload to achieve the ultimate goal of the infection, for example encryption, data theft, mining (cryptojacking)
