archives

Timeline

This tag is associated with 3 posts

How To Analyze Windows 10 Timeline With Belkasoft Evidence Center

Temporal analysis of events (Timeline) can be beneficial when you want to reconstruct events related to computer incidents, data breaches, or virus attacks taking place on a victim’s computer.  Historically, digital forensic timeline analysis has been broken down into two parts:  ‘Timeline’ to describe changes associated with temporal file metadata in a file system. In … Continue reading

Following The RTM: Forensic Examination Of A Computer Infected With A Banking Trojan

by Oleg Skulkin  Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the trojan have been sent to potential victims with admirable persistence. From September to December 2018 the RTM group sent out more than 11,000 malicious emails. The cybercriminals, however, are not going to stop … Continue reading

A guide to RegRipper and the art of timeline building

Background I have often heard RegRipper mentioned on forums and websites and how it was supposed to make examining event logs, registry files and other similar files a breeze (the event logs and the other files isn’t per say examined by RegRipper, but they will be used for creating timelines further on in this post with … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,276 other followers