Session Type
Lecture
Name
Malware and More: A Look into Windows Memory
Speakers
Tarah Melton | Magnet Forensics
Description

In many cases, memory analysis can provide access to data you can’t get through “dead-box” forensics alone and may be the only way to obtain evidence critical to solving your investigation. Malware investigations in particular can benefit significantly from memory analysis, but they are not the only type of investigation in which memory analysis can play a crucial role. This session will discuss how Magnet AXIOM’s integration of core plugins from the popular tool Volatility makes deep memory analysis more accessible to forensic examiners. Learn how to incorporate memory artifacts into a broader timeline together with artifacts from other data sources for a well-rounded investigation. In addition, we’ll explore the free tool MAGNET Process Capture to analyze memory from specific processes, providing a less fragmented output and better data recovery.