Ec-council | Learning
Forensics of Malware and Memory | M&MF
Explore malware and memory forensics: malware classification, memory structure and practical activities to detect hidden evidence.
About Malware and Memory Forensics Course
Course outline
I. Types of analysis
a. Swap space analysis
b. Memory Analysis
c. Acquisition of data by RFC 3227
II. Data in Memory
a. Ongoing process
b. Files mapped in memory
c. Hides
d. Open ports
III. Architectural problems of memory
a. Data structures
b. Windows objects
c. Process
d. Descriptor
e. Analyze pool tags
f. %SystemDrive%/hiberfil.sys
g. Page file/swap
IV. Tools used
a. Using Volatility
b. Dumpit.exe
c. Hibr2bin
d. Win32dd
e. Win64dd
f. OSForensics
V. Registry in memory
Objectives of the course
The aim of the workshop is to teach students the fundamentals of memory analysis. This workshop involves a basic understanding of computers, networks and forensic analysis.
Who should attend
This training is useful for any computer crime investigator, but it is particularly interesting for those who attempt to trace data leaks, financial crimes and other cybercrime-related offences. This workshop includes hands-on labs.


