Which virus stores itself with the same filename as the target program file?

Unlock all questions

This demo includes only 20 questions. Upgrade to access hundreds of questions, flashcards, exam simulations, and disable ads.

Full question bankExam simulationsFlashcards
From $9.99Unlock all

Prepare for the Certified Ethical Hacker Version 11 Exam with a comprehensive test featuring flashcards and multiple choice questions, each accompanied by hints and explanations to ensure a thorough understanding. Ace your ethical hacking exam with confidence!

Multiple Choice

Which virus stores itself with the same filename as the target program file?

Explanation:
The idea being tested is how some malware hides in plain sight by using the same program name as a legitimate file. A companion virus does this by placing a malicious program in the same directory with the same base name as the target executable but with a different extension (for example, target.exe and target.com). When the system or a user tries to run the program by that name, the companion virus can be executed instead of the real program, allowing it to run covertly while the legitimate file remains present as a decoy. This naming trick—sharing the same filename/base name as the host but with a different extension—is the hallmark of a companion virus. This approach is distinct from file extension viruses, which rely on changing or manipulating file extensions themselves; shell viruses, which infect the command interpreter to spread through shell interactions; and what’s referred to as a zombie in other contexts, which relates to a compromised system under control or memory-resident behavior rather than name-based masquerading.

The idea being tested is how some malware hides in plain sight by using the same program name as a legitimate file. A companion virus does this by placing a malicious program in the same directory with the same base name as the target executable but with a different extension (for example, target.exe and target.com). When the system or a user tries to run the program by that name, the companion virus can be executed instead of the real program, allowing it to run covertly while the legitimate file remains present as a decoy. This naming trick—sharing the same filename/base name as the host but with a different extension—is the hallmark of a companion virus.

This approach is distinct from file extension viruses, which rely on changing or manipulating file extensions themselves; shell viruses, which infect the command interpreter to spread through shell interactions; and what’s referred to as a zombie in other contexts, which relates to a compromised system under control or memory-resident behavior rather than name-based masquerading.

More Multiple Choice Questions
Subscribe

Get the latest from Examzify

You can unsubscribe at any time. Read our privacy policy