Even though there are many threats in the CyberWorld, but one of the most formidable occurring challenges in malware detection is fileless malware. It does not leave an artifact on the hard disk, which makes it harder for forensics experts to detect and trace back the reasons for compromise and to be fileless means it may be trojan, worm, bot, virus, ransomware or whatever the attacker wants. We are going to discuss multiple samples of fileless malware to provide further insight view about how they work and how the attacker thinks. What interesting is how much the attackers developed their methods in attacking and compromising a host or target, Nevertheless, being a fileless does not mean being invisible as every action will leave a trace, and that is where the solution comes in by creating an Indicators of compromise (IOC) database and compare with the logs in case of a threat the system admin can be alerted in case of compromise