Tag Archives: Malware
Speaking at NCCC 2024
Next week, I will be speaking at the National Cyber Crime Conference 2024 for the second year in a row. This year Dr. Mariam Khader and I will be running 4 different investigation workshops, mostly focusing on malware analysis with …

Posted in Conferences, Cyber 5W, DFIR, Forensics, Investigations, Malware, Research, Workshops
Tagged C5W, Cyber 5W, DFIR, Investigating Linux Systems, Linux, Malware, Malware Analysis, NCCC

Memory Forensics – RansomCare Investigation Case 1
In this case you are required to analyze a memory dump of a Windows 10 system that has been hit with RansomCare. The E01 image of the memory dump can be found here. Find RansomCare’s code, dump it, and explain what happened to …

Posted in Anti-Forensics, Challenges, Cyber 5W, DFIR, Forensics, Investigations, Malware
Tagged anti-forensics, Case Study, Challenge, DFIR, Investigation, Malware, memory forensics, RansomCare, Ransomware

Challenge #7 – SysInternals Case
The user downloaded what they thought was the SysInternals tool suite and double-clicked it, but the tools did not open and were not accessible. Since then, the user has noticed that the system has “slowed down” and become less and …

Posted in Challenges, DFIR, Forensics, Investigations, Malware
Tagged challenges, DFIR, Forensics, investigations, Malware, SysInternals, Windows Forensics

Howto Setup and use the CuckooVM v2
This post covers the basics of how to import the Cuckoo VM, which can be found here, and run a basic analysis with it. I’m referring to this VM as CuckooVM version 2, since if you’ve been following, you already …

Posted in DFIR, Forensics, Investigations, Malware, Virtualization
Tagged Cuckoo, DFIR, Malware, Malware Analysis, Nested Virtualization, Sandbox, Virtualization

Cuckoo VM for Malware Analysis
Cuckoo VM prepared for Malware Analysis …

Posted in Forensics, Malware, Research, ThreatHunting, Virtualization
Tagged Cuckoo, Malware, Malware Analysis, Nested Virtualization, Sandbox, VM