Detecting Linux memfd_create() Fileless Malware with Command Line Forensics - Sandfly Security
A developing threat to Linux over the last several years has been the idea of fileless malware. Fileless malware is designed to inject itself into a running Linux system and leave no traces on the disk. There are different ways to accomplish this, but here are some of the better-known tactics:

- Executing the binary and then deleting itself from the disk.
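The two traces that survive both tactics live in `/proc`: a process whose binary was unlinked after launch keeps a `/proc/PID/exe` symlink whose target ends in ` (deleted)`, and a process started from a `memfd_create()` buffer shows a target of the form `/memfd:name (deleted)` (the kernel fills in the name passed to `memfd_create()`). The script below is an added example written for this section, not code from the Sandfly article or from any Sandfly tool; it walks a proc tree (real `/proc` by default) and prints every PID whose executable matches one of those two patterns. The `make_sample_proc` helper builds a constructed fake proc tree with three made-up PIDs (100, 200, 300) so the check can be exercised offline; those PIDs and paths are assumptions for the demo, not observed data.

```shell
#!/bin/sh
# Added example (not from the original article): list processes whose main
# executable no longer exists on disk. Two tell-tale /proc/PID/exe targets:
#   "/path/to/bin (deleted)"  -> the binary was executed, then unlinked
#   "/memfd:name (deleted)"   -> the binary lives only in a memfd_create() buffer
# Usage:  find_fileless_procs [PROC_ROOT]   (PROC_ROOT defaults to /proc)
# Output: one line per hit, "PID<TAB>exe target", sorted by PID.

find_fileless_procs() {
    proc_root="${1:-/proc}"
    for pid_dir in "$proc_root"/[0-9]*; do
        [ -d "$pid_dir" ] || continue
        pid="${pid_dir##*/}"
        # readlink fails for kernel threads and for PIDs we lack permission on;
        # it prints the link text even when the target no longer exists.
        target="$(readlink "$pid_dir/exe" 2>/dev/null)" || continue
        case "$target" in
            /memfd:*|*" (deleted)")
                printf '%s\t%s\n' "$pid" "$target" ;;
        esac
    done | sort -n
}

# Constructed sample proc tree (hypothetical PIDs and paths) so the check can
# be demonstrated without a live infection: one normal process, one binary
# deleted after launch, one memfd-backed executable.
make_sample_proc() {
    root="$1"
    mkdir -p "$root/100" "$root/200" "$root/300"
    ln -s /bin/sh "$root/100/exe"
    ln -s "/tmp/dropper (deleted)" "$root/200/exe"
    ln -s "/memfd:kworker (deleted)" "$root/300/exe"
}

# Stand-alone run: scan the live system (needs root to see every process).
find_fileless_procs
```

Run it as root so every `/proc/PID/exe` link is readable; unprivileged runs silently skip other users' processes. A legitimate hit is possible when a package upgrade replaces a binary while the old version is still running, so treat `(deleted)` entries as leads to triage (check the parent, the command line and the open sockets) rather than as a verdict on their own.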