
Asian Nation-State hackers use fileless RAT for their hacking campaign - paganinip
http://securityaffairs.co/wordpress/46557/malware/fileless-rat.html
======
nunobrito
The mentioned attack vector is not "fileless". It is covertly assembling
several files on the disk of the computer directly in memory to then run them
from there.

So, quite a number of files and system calls involved that permit to recognize
and react to this attack.

An example of true "fileless" attack would be the one demonstrated by
Conficker, where an infected computer attacks by brute force password guessing
the other computers on the same network, gains access to the new machine and
then runs the virus code without storing any files on the local disk.

