Skip links
Sign In
SecureValley - Master Cybersecurity, Unlock Your Potential

Ec-council | Learning

Malware and Memory Forensics | M&MF

Ask a Training Consultant

Malware & Memory Forensics Deep Dive

In this Malware & Memory Forensics workshop, you will learn details of how malware functions, and how it is categorized. Then you will be shown details of the structure of memory, and how memory works. There is plenty of hands-on memory forensics. You will learn how to analyze memory to find evidence of malware.

About the Malware and Memory Forensics Course

Course Outline

I. Types of Analysis
  • a. Swap space analysis
  • b. Memory Analysis
  • c. Data acquisition as per RFC 3227
II. In-memory data
  • a. Current processes
  • b. Memory mapped files
  • c. Caches
  • d. Open Ports
III. Memory Architectural Issues
  • a. Data structures
  • b. Windows Objects
  • c. Processes
  • d. Handles
  • e. Pool-tag scanning
  • f. %SystemDrive%/hiberfil.sys
  • g. Page/Swap File
IV. Tools used
  • a. Using volatility
  • b. Dumpit.exe
  • c. hibr2bin
  • d. Win32dd
  • e. Win64dd
  • f. OSForensics
V. Registry in Memory
 
 
 
 
 

This training is useful for any forensic investigator but is particularly interesting to those trying to trace data leaks, financial crimes, and cyber-related crimes. This workshop includes hands-on labs.

  • The purpose of the workshop is to teach students essential memory forensics; this workshop assumes a basic understanding of PC’s, networks, and basic forensics.

Save big. Join the club.

If you are outside of North America and are interested in the club subscription, please click here.

This website uses cookies to improve your web experience.
FrançaisfrFrançaisFrançais
FrançaisfrFrançaisFrançaisAnglaisenAnglaisEnglish
0