Top Ad unit 728 × 90

Latest News

random

Daily Blog #622: Solution Saturday 2/9/19

Hello Reader,
             This week Oleg Skulkin has come in with another win! Oleg found some interesting results. In Oleg's testing all of his executions were caught by the Amcache, except those programs executed from external storage volumes. Very interesting! I think we will have to go back to Syscache and Amcache again in the near future to find more about what Oleg was seeing!




The Challenge:
What are all the methods of execution you can find that are not recorded in the Amcache hive?

The Winning Answer:
Oleg Skulkin
https://cyberforensicator.com/2019/02/06/amcache-forensics-populated-or-not/


Daily Blog #622: Solution Saturday 2/9/19 Reviewed by David Cowen on February 09, 2019 Rating: 5

No comments:

All Rights Reserved by Hacking Exposed Computer Forensics Blog © 2014 - 2020
Powered By Blogger, Designed by Sweetheme

Contact Form

Name

Email *

Message *

Powered by Blogger.