Digital Forensic Survival Podcast

Listen to talk about computer forensic analysis, techniques, methodology, tool reviews and more.

http://digitalforensicsurvivalpodcast.libsyn.com/podcast

subscribe
share





DFSP # 278 - Process Triage & CMD


This week is a continuation of the Windows fast triage miniseries. While other aspects of the triage miniseries had fairly contained artifacts to examine, new process triage presents a large and complex landscape to the analyst. I have already broken down a number of effective analysis methods to make this more manageable. This week I focus on key applications to look for during a review. These applications tend to be associated more with malicious activity, at least according to threat intelligence research, so being aware of them and recognizing the potential is important. I also spend some time talking about the nuances of CMD.


share







 2021-06-15  17m