Followers 0

Analyzing Malware in Memory

By Usr6, January 17, 2013 in Tutoriale video

Recommended Posts

Usr6

Posted January 17, 2013

- Report

Posted January 17, 2013

starting with what memory forensics actually is, and the differences between memory and live forensics. He then went on to discuss Volatility, a framework for the extraction of digital artifacts from volatile memory (RAM) samples.

Detailed information about Volatility covered the following areas:

Overview

Per-Process Analysis

API hooking

Misc. Process Data

GUI Subsystem

Registry in Memory

Callbacks

IRP Hooking

Devices

MBR & MFT

http://fast.wistia.com/embed/iframe/927ezhtxwv

Slides

Sursa

Quote

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Reply to this topic...

× Pasted as rich text. Paste as plain text instead

Only 75 emoji are allowed.

× Your link has been automatically embedded. Display as a link instead

× Your previous content has been restored. Clear editor

× You cannot paste images directly. Upload or insert images from URL.

Insert image from URL

Followers 0

Go to topic listing

Sign In

Analyzing Malware in Memory

Recommended Posts

Usr6

Join the conversation

Browse

Activity

Pages