May 2012
Intermediate to advanced
560 pages
12h 55m
English
Analyzing Physical and Process Memory Dumps for Malware Artifacts
• Memory Forensics Overview
• Old School Memory Analysis
• How Windows Memory Forensic Tools Work
• Windows Memory Forensic Tools
• Dumping Windows Process Memory
• Dissecting Windows Process Memory
The importance of memory forensics in malware investigations cannot be overstated. A complete capture of memory on a compromised computer generally bypasses the methods that malware uses to trick operating systems, providing digital investigators with a more comprehensive view of the malware. In some cases, malware leaves little trace elsewhere on the compromised system and the only clear indications of compromise ...
Read now
Unlock full access