2.5.5 Strings related to banking malware

Malware that targets bank accounts carries the names of the banks it attacks, and these names show up as strings in its memory:

List of banks in memory of banking malware

Other than bank names, you can also find the following strings in banking malware that creates web injections (explained in Chapter 1, Malware from Fun to Profit):

  • data_before
  • data_end
  • data_inject
  • data_after

These strings are part of the banking malware's configuration file, which tells the malware what content to inject into which bank's pages.
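The triage step described above can be scripted. The following is an added example, not code from the book: it pulls ASCII and UTF-16LE strings from a memory dump and reports web-inject keywords and bank names. The sample dump, the watchlist domains, the `min_markers` threshold and the function names are constructed for illustration.

```python
import re

# Keywords from the web-inject configuration described above.
# "data_end" is the block terminator keyword in Zeus-style web-inject files.
MARKERS = ("data_before", "data_end", "data_inject", "data_after")

ASCII_RE = re.compile(rb"[\x20-\x7e]{4,}")          # printable ASCII runs
UTF16_RE = re.compile(rb"(?:[\x20-\x7e]\x00){4,}")  # same, stored as UTF-16LE

def extract_strings(dump: bytes):
    """Yield (offset, text) for printable ASCII and UTF-16LE runs."""
    for m in ASCII_RE.finditer(dump):
        yield m.start(), m.group().decode("ascii")
    for m in UTF16_RE.finditer(dump):
        yield m.start(), m.group().decode("utf-16-le")

def triage(dump: bytes, bank_watchlist, min_markers=3):
    """Report web-inject markers and watchlisted bank names found in a dump."""
    markers, banks = {}, {}
    for offset, text in extract_strings(dump):
        low = text.lower()
        for kw in MARKERS:
            if kw in low:
                markers.setdefault(kw, []).append(offset)
        for name in bank_watchlist:
            if name.lower() in low:
                banks.setdefault(name, []).append(offset)
    return {
        "markers": markers,   # keyword -> offsets where it was seen
        "banks": banks,       # watchlist entry -> offsets where it was seen
        "likely_webinject_config": len(markers) >= min_markers,
    }

# Constructed sample standing in for a process memory dump (not real malware).
SAMPLE_DUMP = (
    b"\x00\x01\x02MZ\x90\x00"
    b"set_url https://online.examplebank.test/login* GP\x00"
    b"data_before\x00PLACEHOLDER_A\x00data_end\x00"
    b"data_inject\x00PLACEHOLDER_B\x00data_end\x00"
    b"data_after\x00PLACEHOLDER_C\x00data_end\x00\xff\xfe"
    + "secure.samplecredit.test".encode("utf-16-le") + b"\x00\x00"
)
# Hypothetical analyst-maintained watchlist of banking domains.
WATCHLIST = ["examplebank.test", "samplecredit.test", "otherbank.test"]

if __name__ == "__main__":
    report = triage(SAMPLE_DUMP, WATCHLIST)
    print("web-inject config suspected:", report["likely_webinject_config"])
    print("markers:", report["markers"])
    print("banks:", report["banks"])
```

Requiring several distinct keywords before flagging a dump reduces false positives from a single generic string such as `data_end` appearing in unrelated software.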

We can infer a lot more from the strings visible in memory. As mentioned earlier, this technique is useful when the malware does not show its actual behavior. A malware analyst who is well versed in reverse engineering can dig further to understand how the malware works.
