This is from my talk at IR18 geared around evasion techniques employed by malware, and detection methods for incident responders. I touch on everything from ransomware, to evasive fileless WMI malware. My goal for this talk was to teach defenders about the inner-workings and capabilities of malware, as well as some detection methods they may have not considered.