Malware Forensics Field Guide for Windows Systems by James M. Aquilina, Eoghan Casey, Cameron H. Malin

Chapter 3

Post-Mortem Forensics

Discovering and Extracting Malware and Associated Artifacts from Windows Systems

Solutions in this chapter:

• Windows Forensic Analysis Overview

• Forensic Examination of Compromised Windows Systems

• Malware Discovery and Extraction from Windows Systems

• Examine Windows File System

• Examine Windows Registry

• Keyword Searching

• Forensic Reconstruction of Compromised Windows Systems

• Advanced Malware Discovery and Extraction from a Windows System

Introduction

If live system analysis can be considered surgery, forensic examination of Windows systems can be considered an autopsy of a computer impacted by malware. Trace evidence relating to a particular piece of malware may be found in various places on the ...
