Malwarebytes researchers have identified a fileless malware attack on Windows Error Reporting service. The attack was first observed on September 17 after the researchers spotted phishing emails containing a malicious document encased in a ZIP archive. Initial malicious payloads were onto the targets’ computers via spear-phishing with emails using a worker’s compensation claim as the bait. In the next step, this binary is executed from the computer’s memory leaving no traces on the hard drive. The same process injection technique is used by other malware to bypass detection, including Cerber ransomware and NetWire RAT.
Source: https://www.bleepingcomputer.com/news/security/hackers-abuse-windows-error-service-in-fileless-malware-attack/