Posts Tagged ‘windows forensics’

Most Recent

2017-11-17

A Safe Haven for Malware

Steganography is the science of covert communication: transmitting information while concealing the very fact that a transmission is taking place. The idea itself is far from new, but digital implementations of its algorithms have taken its development to an essentially new level. In 2017, three different malware samples used in network attacks were identified that carried cryptocurrency-mining tools hidden inside forged image files.

2017-11-17

FatCat Overview

If the disk is a notebook, the file system is its table of contents and a file is a word written in it. For hard disks in PCs, two file systems are currently the most common: FAT and NTFS. FAT (FAT16) appeared first, then FAT32, and then NTFS.

2017-11-13

Hiding Registry keys

Brian Reitz is a senior threat analyst. He wanted to test the detection of various types of registry persistence, one of which is the method used by the Kovter malware family. This persistence trick is described in detail in a September 2015 Symantec report and has been analyzed by MalwareBytes, Airbus Cybersecurity and Reagta. The Windows Registry is an important area for blue-team detection, because "fileless" methods are becoming more common.

2017-11-11

RunPE Overview

Most hackers use remote access Trojans (RATs), and these almost always rely on the RunPE method. The method launches a legitimate portable executable (PE) process, often the default browser or a Microsoft system process, and replaces its contents in memory with malicious code. This lets the computer run the malicious code as if it were a legitimate process. Once this has happened, your antivirus program does not know that your default browser has effectively been turned into a virus.
