Class Central is learner-supported. When you buy through links on our site, we may earn an affiliate commission.

YouTube

Investigating Malware Using Memory Forensics - A Practical Approach

Black Hat via YouTube

Overview

Dive into the practical world of memory forensics in this Black Hat conference talk. Learn how to detect, investigate, and understand malware capabilities through hands-on demonstrations. Explore various tricks and techniques employed by malicious software, including stealth and evasive capabilities. Follow along as the speaker covers memory acquisition, analysis of infected systems featuring KeyBase Malware and Darkcomet RAT, investigation of hollow process injection, and rootkit analysis including ZeroAccess and Necurs. Gain valuable insights into malware investigation techniques from an experienced information security investigator and author.

Syllabus

Investigating Malware Using Memory Forensics - A Practical Approach
Monnappa KA • Info Security Investigator - Cisco CSIRT • Author of the Book: Learning Malware Analysis • Member of Black Hat Review Board • Co-founder Cysinfo Security Community • Creator of Limon Sandbox • Winner of Volatility Plugin Contest 2016
Memory Acquisition - Dumping the memory of a target machine to disk
Memory Analysis of Infected System (KeyBase Malware)
Memory Analysis of Infected System (Darkcomet RAT)
Investigating Hollow Process Injection
Investigating Rootkits
Memory Analysis of ZeroAccess Rootkit
Example - Memory Analysis of Necurs Rootkit

Taught by

Black Hat

Reviews

Start your review of Investigating Malware Using Memory Forensics - A Practical Approach

Never Stop Learning.

Get personalized course recommendations, track subjects and courses with reminders, and more.

Someone learning on their laptop while sitting on the floor.