Malware and Memory Forensics Intl

Why Malware & Memory Forensics Deep Dive?

In this Malware & Memory Forensics workshop, you will learn in detail how malware functions and how it is categorized. You will then be taken through the structure of memory and how it works. The workshop is heavily hands-on: you will learn how to analyze memory captures to find evidence of malware.

Course Outline

I. Types of Analysis

  • a. Swap space analysis
  • b. Memory Analysis
  • c. Data acquisition as per RFC 3227

II. In-memory data

  • a. Current processes
  • b. Memory mapped files
  • c. Caches
  • d. Open Ports

III. Memory Architectural Issues

  • a. Data structures
  • b. Windows Objects
  • c. Processes
  • d. Handles
  • e. Pool-tag scanning
  • f. %SystemDrive%\hiberfil.sys
  • g. Page/Swap File

IV. Tools used

  • a. Using Volatility
  • b. DumpIt.exe
  • c. Hibr2Bin
  • d. Win32dd
  • e. Win64dd
  • f. OSForensics

V. Registry in Memory

Thank you so much for your interest in our Malware & Memory Forensics workshop.

Please fill out the form below and one of our Training Consultants will reach out to you within 24 hours to help you get set up!
