SANS Stay Sharp Training - Live Online: Quickly sharpen your skills with 2-day management courses. Register now.


To attend this webcast, login to your SANS Account or create your Account.

This webcast has been archived. To view the webcast login into your SANS Portal Account or create an account by clicking the "Get Registered" button on the right. Once you register, you can download the presentation slides below.

Fighting Fileless Malware

  • Wednesday, May 24, 2017 at 11:00 AM EDT (2017-05-24 15:00:00 UTC)
  • Sanat Chugh


  • Cybereason

You can now attend the webcast using your mobile device!



The Russian Kovter gang is the creator and operator of one of the world's most impactful and prolific fileless malware and botnet attack. The Kovter fileless malware is able to gain full control and long term persistence over victim machines, while operating fully out of memory, and without any files being dropped onto the file system, helping it evade most security tools.

Sanat Chugh, Researcher, at Cybereason will explain the Kovter fileless malware and its variants and present techniques organization can use to hunt, detect, and respond to these attacks.

In this webcast, you will:

  • Learn about fileless malware, such as powershell and other windows built-in scripting engines, and how they are leveraged by attackers to gain stealth and persistence
  • Learn how to detect and respond to these types of attacks

Speaker Bio

Sanat Chugh

Sanat Chugh is a Researcher at Cybereason. He has previous experience in Web and Mobile Development and now works extensively on detailed cyber attack analysis. More specifically, Sanat focuses on malware analysis and reverse engineering (working and structural breakdown), analysis and recreation of enterprise level cyberattacks, and analysis of common attacker TTPs.

Need Help? Visit our FAQ page or email

Not able to attend a SANS webcast? All Webcasts are archived so you may view and listen at a time convenient to your schedule. View our webcast archive and access webcast recordings/PDF slides.