| ID | B0027 |
| Objective(s) | Defense Evasion |
| Related ATT&CK Technique | None |
Malware may install itself not as a file on the hard drive. [1]
| Name | ID | Description |
|---|---|---|
| Fileless Malware | B0027.001 | Stores itself in memory. |
| Registry Install | B0027.002 | Stores itself in the Windows registry. |
| Name | Date | Description |
|---|---|---|
| Kovter | 2016 | Stores malware files in the Registry instead of the hard drive. [1] |
[1] https://www.bleepingcomputer.com/virus-removal/remove-kovter-trojan