15 FILELESS, LIVING OFF THE LAND, AND ANTI-FORENSICS TECHNIQUES
No matter how covert modern malware is designed to be, it’s always bound to leave at least trace evidence of its existence in the victim environment. That evidence might be a persistence mechanism, such as a system startup task or service, or simply a file dropped to disk during the attack. In the latter case, once a file is on disk, defenses such as anti-malware have a better opportunity to detect the malware and thwart the attack. Trace evidence also can give investigators an edge in analyzing the attack post compromise. Malware authors, realizing this, have turned to fileless ...
Get Evasive Malware now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.
