0% found this document useful (0 votes)

38 views

Os Forensics-Process Explorer Lab - 2

This document discusses using Process Explorer to extract information about running processes on a system. It covers viewing details of all running processes, the DLLs loaded by processes like the Start menu experience, searching string files of processes online, and viewing process handles and their security properties to determine if a process is legitimate.

Uploaded by

Doncollins Munene

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

0% found this document useful (0 votes)

38 views

Os Forensics-Process Explorer Lab - 2

Uploaded by

Doncollins Munene

We take content rights seriously. If you suspect this is your content, claim it here.

Available Formats

Download as PDF, TXT or read online on Scribd

You are on page 1/ 9

EXTRACTING INFORMATION ABOUT LOADED PROCESSES USING PROCESS

EXPLORER

Explorer showing details of all process running

Viewing system Information

Viewing the DLL information of the start menu experience (A process I chose to view)
Viewing the DLLS Properties
Verify the process if its legitim
Process is legitimate
Listing Unicode strings found in the process
Saving the image string files

Searching the saved string file online

Online results
Viewing the handles of a process

Viewing handles properties

Security tab displaying level of securitry

Practical Malware Analysis - Part 2 Dynamic Analysis
No ratings yet
Practical Malware Analysis - Part 2 Dynamic Analysis
33 pages
New - Lab Manual 4 - Malware Hunting - Updated2022 - V2
No ratings yet
New - Lab Manual 4 - Malware Hunting - Updated2022 - V2
14 pages
Windows Forensics
100% (2)
Windows Forensics
48 pages
Dokumen - Tips - Malware Hunting With The Sysinternals Tools
No ratings yet
Dokumen - Tips - Malware Hunting With The Sysinternals Tools
58 pages
Malware Analysis
No ratings yet
Malware Analysis
15 pages
ch2 3
No ratings yet
ch2 3
45 pages
ch0 1
No ratings yet
ch0 1
78 pages
Process Explorer Essentials - Antun Peicevic
No ratings yet
Process Explorer Essentials - Antun Peicevic
70 pages
Rekall Memory Forensics Cheatsheet
No ratings yet
Rekall Memory Forensics Cheatsheet
2 pages
ch0 1
No ratings yet
ch0 1
72 pages
D1 - Hiding in Plain Sight - Analyzing Recent Evolutions in Malware Loaders - Holger Unterbrink & Edmund Brumaghin PDF
No ratings yet
D1 - Hiding in Plain Sight - Analyzing Recent Evolutions in Malware Loaders - Holger Unterbrink & Edmund Brumaghin PDF
61 pages
CMSC 449 - Lec2 - Basic Static Analysis
No ratings yet
CMSC 449 - Lec2 - Basic Static Analysis
28 pages
Practical Malware Analysis
No ratings yet
Practical Malware Analysis
45 pages
Lab 12
No ratings yet
Lab 12
12 pages
Practical Malware Analysis
No ratings yet
Practical Malware Analysis
45 pages
Process Explorer Tutorial Handout
No ratings yet
Process Explorer Tutorial Handout
10 pages
ch0 1
No ratings yet
ch0 1
75 pages
6. Malware Analysis
No ratings yet
6. Malware Analysis
45 pages
ch2 3
No ratings yet
ch2 3
45 pages
Deep Dive Os Internals
No ratings yet
Deep Dive Os Internals
33 pages
Global Verdict Report 4
No ratings yet
Global Verdict Report 4
35 pages
Malware Analysis
100% (1)
Malware Analysis
26 pages
Detect Malware W Memory Forensics
100% (1)
Detect Malware W Memory Forensics
27 pages
Report c9ee1d6a90be7524b01814f48b39b232 Compressed
No ratings yet
Report c9ee1d6a90be7524b01814f48b39b232 Compressed
74 pages
Threat Analysis Report: Hash Values File Details Environment
No ratings yet
Threat Analysis Report: Hash Values File Details Environment
24 pages
Memory Fornesics Notes
No ratings yet
Memory Fornesics Notes
28 pages
Malware DynamicAnalysis 1
No ratings yet
Malware DynamicAnalysis 1
31 pages
Malware Analysis
No ratings yet
Malware Analysis
24 pages
Practical Malware Analysis
No ratings yet
Practical Malware Analysis
65 pages
Threat Analysis Report: Hash Values File Details Environment
No ratings yet
Threat Analysis Report: Hash Values File Details Environment
25 pages
Reverse Engineering Malware For Newbies: A Guide For Those of You Who Want To Break Into The Fun World of Malware
No ratings yet
Reverse Engineering Malware For Newbies: A Guide For Those of You Who Want To Break Into The Fun World of Malware
35 pages
Hbgary Shell Trojan Gens
No ratings yet
Hbgary Shell Trojan Gens
28 pages
Regshot Shows The Creation of A /run Registry Key and The Brbconfig - TMP File
No ratings yet
Regshot Shows The Creation of A /run Registry Key and The Brbconfig - TMP File
20 pages
Incident Response and Digital Forensics
No ratings yet
Incident Response and Digital Forensics
50 pages
Chapter 2
No ratings yet
Chapter 2
30 pages
Malware Analysis Cheat Sheet
No ratings yet
Malware Analysis Cheat Sheet
1 page
Windows Forensics
No ratings yet
Windows Forensics
1 page
Notes On Cyber Security
No ratings yet
Notes On Cyber Security
3 pages
___Understanding EProcess Structure
No ratings yet
___Understanding EProcess Structure
4 pages
03 Behavioral 2023-24
No ratings yet
03 Behavioral 2023-24
86 pages
Process Monitor Tool
No ratings yet
Process Monitor Tool
4 pages
MF - Analysis - 1. Rogue Processes
No ratings yet
MF - Analysis - 1. Rogue Processes
1 page
Proj 4. Basic Dynamic Analysis (30 PTS)
No ratings yet
Proj 4. Basic Dynamic Analysis (30 PTS)
8 pages
Week 2 - Lecture
No ratings yet
Week 2 - Lecture
43 pages
Volatility Commands
No ratings yet
Volatility Commands
2 pages
SANS Malware Analysis & Reverse Engineering Cheat Sheet
No ratings yet
SANS Malware Analysis & Reverse Engineering Cheat Sheet
1 page
Report
No ratings yet
Report
287 pages
Name - Shiva Singh Roll - 2041018 Degree - M.tech (IS) Subject - Malware Analysis (CS410245)
No ratings yet
Name - Shiva Singh Roll - 2041018 Degree - M.tech (IS) Subject - Malware Analysis (CS410245)
9 pages
Lab1 Intro Malware Analysis
No ratings yet
Lab1 Intro Malware Analysis
5 pages
Ollydbg
No ratings yet
Ollydbg
13 pages
Analyzing Malicious Windows Programs
No ratings yet
Analyzing Malicious Windows Programs
21 pages
Installation / Resources
No ratings yet
Installation / Resources
2 pages
Evasive Malware A Field Guide to Detecting Analyzing and Defeating Advanced Threats 1 / converted Edition Kyle Cucci - The ebook in PDF and DOCX formats is ready for download
100% (1)
Evasive Malware A Field Guide to Detecting Analyzing and Defeating Advanced Threats 1 / converted Edition Kyle Cucci - The ebook in PDF and DOCX formats is ready for download
43 pages
Server Resource Kit Tools
No ratings yet
Server Resource Kit Tools
14 pages
Malware Analysis
100% (1)
Malware Analysis
4 pages
Int251 Malware Analysis and Cyber Defence
No ratings yet
Int251 Malware Analysis and Cyber Defence
3 pages
Zenoss Core 3.x Network and System Monitoring
From Everand
Zenoss Core 3.x Network and System Monitoring
Michael Badger
No ratings yet
Mastering the Art of Unix Programming: Unraveling the Secrets of Expert-Level Programming
From Everand
Mastering the Art of Unix Programming: Unraveling the Secrets of Expert-Level Programming
Steve Jones
No ratings yet
The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software
From Everand
The Art of Mac Malware, Volume 1: The Guide to Analyzing Malicious Software
Patrick Wardle
4/5 (1)
CompTIA Linux+ Study Guide: Exam XK0-005
From Everand
CompTIA Linux+ Study Guide: Exam XK0-005
Richard Blum
No ratings yet
Lecture 8 Introduction To Ethical Hacking Edited
No ratings yet
Lecture 8 Introduction To Ethical Hacking Edited
14 pages
Lecture 9 Social Engineering
No ratings yet
Lecture 9 Social Engineering
40 pages
mULTIPLEXING and GSM
No ratings yet
mULTIPLEXING and GSM
34 pages
Os Forensics-Using Osforensics Lab1
No ratings yet
Os Forensics-Using Osforensics Lab1
9 pages

Note: This service is not intended for secure transactions such as banking, social media, email, or purchasing. Use at your own risk. We assume no liability whatsoever for broken pages.

Os Forensics-Process Explorer Lab - 2

Uploaded by

Os Forensics-Process Explorer Lab - 2

Uploaded by

EXTRACTING INFORMATION ABOUT LOADED PROCESSES USING PROCESS

Explorer showing details of all process running

Searching the saved string file online

Viewing handles properties

You might also like

Pfad - The Proxy pFad of © 2024 Garber Painting. All rights reserved.