Memory Analysis (Whitepaper)

Noora Hyvärinen

19.01.17 1 min. read

Traditional malware detection and forensic investigation techniques typically focus on detecting malicious native executables on disk and performing disk forensics to uncover evidence of historical actions on a system.

In this paper, we will look at some of the memory-resident techniques used by common malware families and how open-source memory analysis frameworks, such as Volatility, can be used to detect evidence of these techniques on compromised systems. Finally, we will look at how we have adopted similar ideas at Countercept, developing capabilities for performing targeted live memory analysis at scale. This enables us to detect unknown malware that makes use of these techniques on isolated systems within large enterprise networks.

Download Memory Analysis – Advanced Threat Detection