book

Malware Forensics Field Guide for Windows Systems

May 2012

Intermediate to advanced

560 pages

12h 55m

English

Read now

Unlock full access

Solutions in this chapter:Volatile Data Collection and Analysis ToolsNon-Volatile Data Collection and Analysis ToolsSelected ReadingsJurisprudence/RFCS/Technical Specifications

Solutions in this chapter:Selected Readings
Solutions in this chapter:Selected Readings
Solutions in this chapter:
Solutions in this chapter:Selected Readings
Solutions in this chapter:IntroductionGoalsGuidelines for Examining a Malicious File SpecimenEstablishing the Environment BaselinePre-Execution Preparation: System and Network MonitoringExecution Artifact Capture: Digital Impression and Trace EvidenceExecuting the Malicious Code SpecimenExecution Trajectory Analysis: Observing Network, Process, Api, File System, and Registry ActivityAutomated Malware Analysis FrameworksOnline Malware Analysis SandboxesDefeating ObfuscationEmbedded Artifact Extraction RevisitedInteracting with and Manipulating the Malware Specimen: Exploring and Verifying Functionality and PurposeEvent Reconstruction and Artifact Review: Post-Run Data AnalysisDigital Virology: Advanced Profiling Through Malware Taxonomy and PhylogenyConclusionPitfalls to AvoidSelected Readings