As mentioned in the previous post, this post would be about dynamic analysis of the darkcomet with sysinternals. At the end of the post, you can download the attached file with the steps of how to share a folder (read-only) between host and the guest virtual machine. In this post we will continue with the analysis of darkcomet on windows 7 virtual machine. I hope you might have … Continue reading Incident Response: Methodology and Case Study – Part III
Tag: memory fornsics
Incident Response: Methodology and Case Study – Part II
In this article, I will continue with the memory / malware analysis which have been started in the previous post. At the end of the post, you will be able to download a Volatility cheat sheet along with a document related to Sysinternals. Till now we found the following: A suspicious process, named “runddl32.exe”. When we checked for the path, it wasn’t in the System32 … Continue reading Incident Response: Methodology and Case Study – Part II
Incident Response: Methodology and Case Study
We all encounter incidence in our day-to-day life. It can happen in very common places that we might be visiting regularly like road, home, forest etc. The greatest example is the 2017’s California wildfires. It was the biggest example of having an incident and not handled properly, which lead to disaster.