Malwarebytes researchers say a Vietnamese APT group may be behind a fileless attack. The attack uses a phishing campaign that lures victims with information about a workers compensation claim. Instead, it leads them to a malicious website that can load malware that hides in the Windows Error Reporting (WER) service. WER is the crash-reporting tool of the Microsoft Windows OS, introduced in Windows XP in XP, and included in Windows Mobile versions 5.0 and 6.0. The use of this evasion tactic is not new, researchers noted.
Source: https://threatpost.com/apt-attack-malware-windows-error-reporting/159861/