POWELIKS — A Windows Malware that doesn't need installation

Author: tanjilafarah
Malware consists of malicious files stored on an infected computer system to damage the system, steal sensitive information, or perform other malicious activities. Now a new and sophisticated piece of malware is on the market that infects systems and steals data without installing any file onto the targeted system.
This persistent malware is known as Poweliks. It resides in the computer registry only and is hence not as easily detectable as other usual malware, which can be scanned by antivirus or anti-malware software.

Poweliks spreads via emails through a malicious Microsoft Word document. It creates an encoded auto-start registry key and, to remain undetectable, keeps the registry key hidden. Then it creates and executes shellcode, along with a payload Windows binary that connects to IP addresses in an effort to receive further commands from the attacker.
This malware is capable of:
1.   Downloading any payload
2.   Installing spyware on the infected computer to harvest users’ personal information or business documents
3.   Installing banking Trojans in order to steal money
4.   Installing any other type of malicious software that can fulfill the needs of the attackers
5.   Being used in botnet structures
6.   Generating immense revenue through ad fraud

Reference: http://thehackernews.com/
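Because the post describes persistence that lives only in an encoded, hidden auto-start registry key, a defender's first check is to triage auto-start values rather than scan files. The following is an added example, not part of the original post: the sample values are constructed, and the heuristics (non-printable value names, inline script commands, no on-disk target, long high-entropy data) are assumptions chosen for illustration.

```python
import math
import re
from collections import Counter

# Constructed sample of auto-start (Run key) values as (name, data) pairs.
# None of these strings come from the original post.
SAMPLE_RUN_VALUES = [
    ("OneDrive", r'"C:\Program Files\Microsoft OneDrive\OneDrive.exe" /background'),
    ("\x00upd", 'rundll32.exe javascript:"<constructed placeholder>"'),
    ("Sync", "A9f3Kq0ZxT7mPb2LwYc8Rd5NhG1sVeJ4uUo6Ii" * 8),
]

# Assumed heuristics: script-protocol handlers or encoded interpreter commands.
SCRIPT_MARKERS = re.compile(r"(javascript:|vbscript:|-enc(odedcommand)?\b)", re.I)
# A drive-letter path to a file with an extension at the start of the command.
FILE_ON_DISK = re.compile(r'^\s*"?[a-z]:\\[^"]+\.\w{2,4}', re.I)


def shannon_entropy(text):
    """Bits per character; long high-entropy data suggests an encoded blob."""
    if not text:
        return 0.0
    counts = Counter(text)
    return -sum(c / len(text) * math.log2(c / len(text)) for c in counts.values())


def triage_value(name, data):
    """Return the list of reasons an auto-start value deserves a closer look."""
    reasons = []
    if any(ord(ch) < 0x20 or ord(ch) > 0x7E for ch in name):
        reasons.append("non-printable character in value name")
    if SCRIPT_MARKERS.search(data):
        reasons.append("command runs inline script instead of a file")
    if not FILE_ON_DISK.match(data):
        reasons.append("no file path on disk at start of command")
    if len(data) > 200 and shannon_entropy(data) > 4.5:
        reasons.append("long high-entropy data (possible encoded blob)")
    return reasons


def triage(values):
    """Map value name -> reasons, keeping only flagged entries."""
    return {n: r for n, d in values if (r := triage_value(n, d))}


if __name__ == "__main__":
    for name, reasons in triage(SAMPLE_RUN_VALUES).items():
        print(repr(name), "->", "; ".join(reasons))
```

On a live Windows host the (name, data) pairs would come from enumerating the Run keys, for example with Python's `winreg` module; flagged entries are leads for review, not verdicts.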