2019
DOI: 10.1007/978-3-030-34339-2_7

JSLess: A Tale of a Fileless Javascript Memory-Resident Malware

Abstract: New computing paradigms, modern feature-rich programming languages and off-the-shelf software libraries enabled the development of new sophisticated malware families. Evidence of this phenomenon is the recent growth of fileless malware attacks. Fileless malware or memory resident malware is an example of an Advanced Volatile Threat (AVT). In a fileless malware attack, the malware writes itself directly onto the main memory (RAM) of the compromised device without leaving any trace on the compromised device's fil…

Cited by 10 publications (11 citation statements)
References 17 publications
“…It stays and operates in the Random Access Memory (RAM) and removes the footprints to increase the difficulty of removal [6]. It is also called nonmalware, Advanced Volatile Attack (AVT) [33], or Living-off-the-Land (LotL) attack as threat actors use legitimate tools, processes, benign software utilities, and libraries during an attack [8]. These are built-in native and highly reliable Windows applications such as Windows Management Instrumentation (WMI) subscriptions, PowerShell, Microsoft Office Macros [10].…”
Section: Fileless Malware Workflow (mentioning)
confidence: 99%
“…Moreover, in a ransomware incident, the attack was completed by writing the files into the disk. However, the delivery, execution, and propagation phases are still fileless [8].…”
Section: Fileless Malware Workflow (mentioning)
confidence: 99%