312-50V11 · Question #1016
Jack, a disgruntled ex-employee of Incalsol Ltd., decided to inject fileless malware into Incalsol's systems. To deliver the malware, he used the current employees' email IDs to send fraudulent emails
The correct answer is B. Phishing. Jack uses phishing to deliver fileless malware by sending fraudulent emails with malicious links that redirect victims to an exploit-loaded website. The delivery vector is phishing, even though the payload executes in-memory.
Question
Options
- AIn-memory exploits
- BPhishing
- CLegitimate applications
- DScript-based injection
How the community answered
(24 responses)- A8% (2)
- B75% (18)
- C13% (3)
- D4% (1)
Why each option
Jack uses phishing to deliver fileless malware by sending fraudulent emails with malicious links that redirect victims to an exploit-loaded website. The delivery vector is phishing, even though the payload executes in-memory.
In-memory exploits describe how the fileless malware executes after delivery, not the technique used to launch the attack on target systems.
Phishing is the technique of sending deceptive emails that appear legitimate to trick recipients into clicking malicious links. Jack crafted fraudulent emails impersonating trusted senders and embedded a link redirecting victims to a site that auto-loaded Flash to trigger the in-memory exploit. The social engineering delivery mechanism - not the payload behavior - defines this as phishing.
Legitimate applications refers to a fileless malware technique that hijacks trusted binaries like PowerShell or WMI to execute code, which is not what Jack used for delivery.
Script-based injection refers to executing malicious scripts (e.g., via PowerShell or JavaScript) as the execution mechanism, not the social engineering delivery method used here.
Concept tested: Phishing as a fileless malware delivery vector
Source: https://attack.mitre.org/techniques/T1566/
Topics
Community Discussion
No community discussion yet for this question.