Additionally the malware that is using such methods leaves less footprints on the system since it does not have to possess a file inside the hard drive. In-memory execution of a malware facilitates the obfuscation and anti-emulation techniques. In-memory execution or fileless execution of a PE file can be defined as executing a compiled PE file inside the memory with manually performing the operations that OS loader supposed to do when executing the PE file normally.
Because of the increasing security standards inside operating systems and rapid improvements on malware detection technologies today’s malware authors takes advantage of the transparency offered by in-memory execution methods.
0 kommentar(er)
