Finding malware on memory dumps using Volatility and Yara rules

Previously I’ve talked a lot about Volatility, and I’ve also published some articles about YARA. Today I’d like to share a brief and simple workflow, useful for a first high-level analysis of memory dumps in order to check for the presence of generic malware. The result of this workflow is useful as a pivot point for further analysis,…

Article Link: https://www.andreafortuna.org/dfir/finding-malware-on-memory-dumps-using-volatility-and-yara-rules/