During a sandbox analysis, you observe that a malicious Microsoft Word macro invokes powershell.exe with the -EncodedCommand flag to download additional shellcode and inject it directly into the running process's memory; no executable is ever written to disk. Which malware concept is primarily demonstrated by this behavior?
Polymorphic malware that mutates its code on every run
Fileless malware that executes purely in memory
Multipartite virus that infects both boot sectors and files
The macro relies on the host's built-in PowerShell interpreter to fetch and execute shellcode entirely in RAM. Because the payload never touches the file system, traditional file-based scanners have little to scan, making detection difficult. This is the hallmark of fileless malware that operates through in-memory execution. Polymorphic malware focuses on code mutation to evade signature scanners, multipartite viruses infect both boot sectors and files, and kernel-level rootkits hide by hooking low-level functions-none of which necessarily avoid writing files to disk as in this scenario.
Ask Bash
Bash is our AI bot, trained to help you pass your exam. AI Generated Content may display inaccurate information, always double-check anything important.
What is fileless malware?
Open an interactive chat with Bash
Why does using PowerShell make fileless malware effective?
Open an interactive chat with Bash
How does the -EncodedCommand flag work in PowerShell?
Open an interactive chat with Bash
Certified Ethical Hacker (CEH)
System Hacking Phases and Attack Techniques
Your Score:
Report Issue
Bash, the Crucial Exams Chat Bot
AI Bot
Loading...
Loading...
Loading...
Pass with Confidence.
IT & Cybersecurity Package
You have hit the limits of our free tier, become a Premium Member today for unlimited access.
Military, Healthcare worker, Gov. employee or Teacher? See if you qualify for a Community Discount.
Monthly
$19.99
$19.99/mo
Billed monthly, Cancel any time.
3 Month Pass
$44.99
$14.99/mo
One time purchase of $44.99, Does not auto-renew.
MOST POPULAR
Annual Pass
$119.99
$9.99/mo
One time purchase of $119.99, Does not auto-renew.
BEST DEAL
Lifetime Pass
$189.99
One time purchase, Good for life.
What You Get
All IT & Cybersecurity Package plans include the following perks and exams .