For developing a better comprehension of the large-scale effects of a cyber attack, the paper examines the effects of infections with self-replicating malware --- described by an SIR model --- on a distributed system. A Lanchester model of military forces engaged in kinetic combat serves as sample system affected by the malware. Its game-like setting illustrates the effects of malware in a concise way. Corresponding evaluation criteria are derived. Basic knowledge about the expected circumstances restricts the set of scenarios to be analyzed. Remaining uncertainties are taken into account by applying Monte-Carlo simulations, whereby the scenarios to be processed are selected randomly by information-theoretic principles. The resulting framework allows a model-based calculation of the risk and the fraction of scenarios, in which malware attacks can assure the win for kinetically inferior forces, depending on the specifical circumstances. For showing the value and the validity of the method, the proposed analysis method is applied to an exemplary situation, in which sparse knowledge causes large uncertainties about the situation. Based on the example we have derived some key findings: (1) Malware attacks affecting availability can turn around the outcome of the kinetic combat in a significant fraction of scenarios. (2) Cyber capabilities tend to soften out kinetic superiority or inferiority. (3) Using the most aggressive malware is not necessarily the best decision for an aggressor. (4) Starting countermeasures against a malware attack at the earliest possible time is not always the best decision for a defender.