What defines fileless malware?

Fileless malware is defined by its ability to operate primarily in a system's memory rather than being stored on a hard drive or as standalone files. This method allows it to avoid detection by traditional security mechanisms that rely on scanning files. Since fileless malware does not leave a traditional footprint on the disk, it can execute malicious activities directly in the memory, making it harder to identify and eliminate. This behavior also allows attackers to bypass conventional antivirus solutions that typically scan for known malware signatures in file storage.

The other options describe characteristics that do not align with the fundamental nature of fileless malware. For instance, malware that is stored on a hard drive directly contradicts the essence of fileless malware, which inherently forgoes such storage to achieve stealth and efficiency. Traditional antivirus solutions may not remove fileless malware effectively, as they generally operate by detecting and quarantine files rather than monitoring system memory in real-time for anomalies. Lastly, the impact of fileless malware is not limited to only external files; it can manipulate the operating system and applications from within memory, thereby compromising the system as a whole.