archives

windows registry

This tag is associated with 3 posts

Following The RTM: Forensic Examination Of A Computer Infected With A Banking Trojan

by Oleg Skulkin  Researchers became aware of the activities of the RTM group in December 2015. Since then, phishing emails distributing the trojan have been sent to potential victims with admirable persistence. From September to December 2018 the RTM group sent out more than 11,000 malicious emails. The cybercriminals, however, are not going to stop … Continue reading

RAM Forensic Analysis

by Eliézer Pereira 1 Goal The purpose of this article is show how to perform a RAM memory forensic analysis, presenting some examples of information that can be retrieved and analyzed to help identify indications of security incidents as well as fraud and other illegal practices through information systems. 2 Good Practices and Techniques for Computer … Continue reading

A Forensic Analysis Of The Windows Registry

First published November 2007 Derrick J. Farmer Champlain College Burlington, Vermont dfarmer03@gmail.com (click here for a revised, quick reference PDF version of this paper) AbstractThis paper will introduce the Microsoft Windows Registry database and explain how critically important a registry examination is to computer forensics experts. In essence, the paper will discuss various types of … Continue reading

Enter your email address to subscribe to this blog and receive notifications of new posts by email.

Join 1,249 other followers