SANS - "Offline Autoruns Revisited - Auditing Malware Persistence"
I was digging through the archives recently and stumbled upon my old post, Autoruns and Dead Computer Forensics. Autoruns is an indispensable tool from Sysinternals that extracts data from hundreds of potential auto-start extensibility points (ASEPs), a fancy Microsoft term for locations that can grant persistence to malicious code. We leverage live Autoruns collection in …
from SANS Digital Forensics and Incident Response Blog http://digital-forensics.sans.org/blog/2019/04/29/offline-autoruns-revisited