Incident Response: Methodology and Case Study – Part II

In this article, I will continue with the memory / malware analysis which have been started in the previous post. At the end of the post, you will be able to download a Volatility cheat sheet along with a document related to Sysinternals. Till now we found the following: A suspicious process, named “runddl32.exe”. When we checked for the path, it wasn’t in the System32 […]