This types of malware use the CLR Hosting method to run malicious codes in memory without any footprint.