From medium.com
You might have seen the recently published report about a widespread fileless campaign called Astaroth by Microsoft Research Team that completely “lived off the land”: it only ran system tools throughout a complex attack chain. If you haven’t, you SHOULD definitely read the details of the research article done by the Microsoft team here.