Russian Cyber Threat Intelligence

Which type of malware resides only in RAM? Explaining fileless malware

bulwarkblack8 months ago8 months ago01 mins

Explaining malware which resides only in RAM

Unlike traditional malware, which typically involves downloading and running an executable file, fileless malware operates in the system’s memory (RAM) and often exploits legitimate tools (like PowerShell, WMI, or Windows Registry) and scripts already present on the target system (such as JavaScript or VBScript).

This means that fileless malware has unique attack vectors, installation, persistence and execution mechanisms. Here’s how malware which resides in RAM compares to traditional malware:

Related News

Name

Size

Date

IOCs_YARA_TTPs_Posted_Articles/ IOCs_YARA_TTPs_Posted_Articles

IOCs_YARA_TTPs_Posted_Articles

Open 99.71 KB 2024-01-12 January 12, 2024 2024-03-22 March 22, 2024

21 Items
99.71 KB

March 22, 2024

e84a5476d7

Explaining malware which resides only in RAM

Related News

“Pig butchering” is an evolution of a social engineering tactic we’ve seen for years

New AcidPour Wiper Targeting Linux Devices Spotted in Ukraine

Fancy Bear: Espionage group expands global phishing campaign

Backdoor.Win32 Carbanak (Anunak) / Named Pipe Null DACL