Recently i’ve published this post focused on hunting malware using volatility and Yara rules.
Malhunt: automated malware search in memory dumps
Posted on
Tag: volatility
Digital forensics chronicles: image identification issues on large memory dump with Volatility
Posted on
Spoiler: shame on DumpIT!
Finding malware on memory dumps using Volatility and Yara rules
Posted on
Previously i’ve talked a lot about Volatility, and i’ve published also some articles about YARA. Today i’d like share a brief and simple workflow, useful for a first high-level analysis of memory dumps in order to search the presence of a generic malware.