Practical Memory Forensics by Svetlana Ostrovskaya and Oleg Skulkin
Author:Svetlana Ostrovskaya and Oleg Skulkin
Language: eng
Format: epub
Publisher: Packt Publishing Pvt Ltd
Published: 2022-02-08T00:00:00+00:00
Figure 5.48 â System.evtx
In Figure 5.48, you can see an example of a malicious service. Note that the executable file is located in the user's temporary folder.
Another way to analyze services is to use special Volatility plugins. For example, you can use the svcscan plugin to get information about the running services, service names, types, states, binary paths, and more, as shown in Figure 5.49:
Figure 5.49 â The svcscan output
There is another plugin developed by the community called autoruns (https://github.com/tomchop/volatility-autoruns/blob/master/autoruns.py):
Download
This site does not store any files on its server. We only index and link to content provided by other sites. Please contact the content providers to delete copyright contents if any and email us, we'll remove relevant links or contents immediately.
| Cryptography | Encryption |
| Hacking | Network Security |
| Privacy & Online Safety | Security Certifications |
| Viruses |
Effective Threat Investigation for SOC Analysts by Yahia Mostafa;(6616)
Practical Memory Forensics by Svetlana Ostrovskaya & Oleg Skulkin(6338)
Machine Learning Security Principles by John Paul Mueller(6307)
Attacking and Exploiting Modern Web Applications by Simone Onofri & Donato Onofri(5981)
Operationalizing Threat Intelligence by Kyle Wilhoit & Joseph Opacki(5941)
Solidity Programming Essentials by Ritesh Modi(4060)
Microsoft 365 Security, Compliance, and Identity Administration by Peter Rising(3700)
Operationalizing Threat Intelligence by Joseph Opacki Kyle Wilhoit(3430)
Mastering Python for Networking and Security by José Manuel Ortega(3359)
Future Crimes by Marc Goodman(3351)
Mastering Azure Security by Mustafa Toroman and Tom Janetscheck(3337)
Blockchain Basics by Daniel Drescher(3308)
Learn Computer Forensics - Second Edition by William Oettinger(3189)
Incident Response with Threat Intelligence by Roberto Martínez(2917)
Mobile App Reverse Engineering by Abhinav Mishra(2889)
Mastering Bitcoin: Programming the Open Blockchain by Andreas M. Antonopoulos(2873)
The Code Book by Simon Singh(2832)
Building a Next-Gen SOC with IBM QRadar: Accelerate your security operations and detect cyber threats effectively by Ashish M Kothekar(2799)
From CIA to APT: An Introduction to Cyber Security by Edward G. Amoroso & Matthew E. Amoroso(2785)
