Finding Advanced Malware Using Volatility

Jun 29, 2016


by Monnappa Ka


What you should know

  • Basic understanding of malware

  • Knowledge of operating system processes

  • Understanding of Windows Internals


What you will learn

  • Performing memory forensics

  • Tools and techniques to detect advanced malware using memory forensics

  • Volatility usage


Memory forensics is the analysis of a memory image taken from a running computer. It plays an important role in investigations and incident response. It can help in extracting forensic artifacts from a computer's memory, such as running processes, network connections, loaded modules, etc. It can also help in unpacking, rootkit detection and reverse engineering. When an organization is a victim of an advanced malware infection, a quick response is required to identify the indicators associated with that malware in order to remediate, establish better security controls and prevent future infections. In this article you will learn to detect advanced malware infection in memory using a technique called "Memory....

© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023