Fileless Infections: An Overview

  • 30 March 2016

March 29, 2016 | BY Pieter Arntz
To date, there are a number of so-called fileless infections. By fileless infections or fileless malware, we are referring to an infection or malware that does not write any files to the infected system’s hard drive.

By leaving as few traces behind as possible, malware authors try to postpone detection by security vendors for as long as possible. This is another big step in the arms race between malware and security products, and in the process of making file-based detection by security vendors a thing of the past.

In some modern exploit kits (Angler in particular), fileless infection is rapidly becoming the run-of-the-mill method. If we want to classify fileless infections, the first split depends on whether the infection is meant to stay resident, or whether it is gone after doing its job or, sometimes, after a reboot.
 
Full Article

2 replies

Interesting article on how these malware writers are coming up with new ways to hide their exploits from AV vendors. This is an area where security experts have to stay on top of.
A good article but am not sure how revealing the revelation really is...fileless infections are a little old hat in concept as far as I am aware...but the fact that they are becoming more prevalent in the miscreants' arsenal...now that is some news. ;)