SANS Digital Forensics and Incident Response Blog: Tag - Memory Analysis

APT Malware and Memory Challenge

The memory image contains real APT malware launched against a test system. Your job? Find it. The object of our challenge is simple: Download the memory image and attempt to answer the 5 questions. DOWNLOAD LINK FOR MEMORY IMAGE:http://dfir.to/APT-Memory-Image Questions: What is the Process ID of the rogue process on the system? Determine the name … Continue reading APT Malware and Memory Challenge


Windows Memory Analysis In-Depth - Discount Code = WINDEX = 10% Off #DFIR

Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and a crucial course for any investigator who is analyzing … Continue reading Windows Memory Analysis In-Depth - Discount Code = WINDEX = 10% Off #DFIR


Jake Williams' Tips on Malware Analysis and Reverse-Engineering - Part 3

In this interview, Jake Williams discusses his perspective on the various approaches to reverse-engineering malware, including behavioral, dynamic and static analysis as well as memory forensics. Jake is an incident responder extraordinaire, who teaches SANS' FOR610: Reverse-Engineering Malware course. Continue reading Jake Williams' Tips on Malware Analysis and Reverse-Engineering - Part 3


Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere

This week we found out the NetWire Remote Access Trojan claims to be able to infect everyone, the US Senate has blocked a much-debated cybersecurity bill, Dropbox shows it's great way to share the confidential data of Dropbox customers, British Telecom says somewhere between 100% and 0% of Android devices are compromised and cybercrime costs … Continue reading Digital Forensics Case Leads: Multi-plat RAT, No US Cybersecurity bill, Dropbox drops a doozie, Volatility everywhere


BRAND NEW #DFIR COURSE - Windows Memory Forensics In-Depth

Memory analysis skills are one of the most in-demand skills for digital forensics, incident response, and malware analysts today. This August, SANS is introducing a brand new 5-day class dedicated to Windows Memory Forensics. The hands-on course, written by memory forensics pioneer Jesse Kornblum, is incredibly comprehensive and SANS is proud to offer it in … Continue reading BRAND NEW #DFIR COURSE - Windows Memory Forensics In-Depth