27 April 2022 to 30 May 2022
Europe/Amsterdam timezone

IT Forensics - Advanced Memory Analysis - Dealing with Malicious Code

12 May 2022, 11:00
1h

Speaker

Mr Klaus Möller (DFN-CERT)

Description

Malware that is otherwise compressed and encrypted on disk is usually unpacked and in cleartext in memory. Likewise, rootkits that conceal adversary activities can be found with relative ease in the memory image of a compromised system. This webinar will show some techniques to obtain malware that works in common ways, such as DLL injection, malicious kernel modules, or system call table manipulation. To conclude the module, ways to extract suspicious code segments for further analysis are also shown.
