Description: In this video I will show you how to analyze the registry from memory using the Volatility Framework.
In this video I'm using the Zeus memory image for registry analysis, and I will show some, but not all, of F-Secure's top 10 malware registry launchpoints.
Download Zeus Memory: http://malwarecookbook.googlecode.com/svn-history/r26/trunk/17/1/zeus.vmem.zip
Most trojans, worms, backdoors, and such make sure they will be run after a reboot by introducing autorun keys and values into the Windows registry. Some of these registry locations are better documented than others and some are more commonly used than others. One of the first steps to take when doing forensic analysis is to check the most obvious places in the registry for modifications.
Source: http://www.f-secure.com/weblog/archives/00001207.html
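As an added example (not taken from the video or from F-Secure's post), the script below parses text laid out like the output of Volatility 2's `printkey` plugin and compares launchpoint values against a baseline. The sample text, the baseline values (assumed Windows XP defaults) and the function names are constructed for illustration.

```python
import re

# Constructed sample in the layout of Volatility 2 `printkey` output; paths are made up.
SAMPLE = r"""
----------------------------
Registry: \Device\HarddiskVolume1\WINDOWS\system32\config\software
Key name: Winlogon (S)
Values:
REG_SZ        Shell           : (S) Explorer.exe
REG_SZ        Userinit        : (S) C:\WINDOWS\system32\userinit.exe,C:\WINDOWS\system32\example.exe,
----------------------------
Registry: \Device\HarddiskVolume1\WINDOWS\system32\config\software
Key name: Run (S)
Values:
REG_SZ        VMware Tools    : (S) "C:\Program Files\VMware\VMware Tools\VMwareTray.exe"
"""

# Expected values on a clean install (assumed baseline, lower-cased for comparison).
BASELINE = {
    ("winlogon", "shell"): "explorer.exe",
    ("winlogon", "userinit"): r"c:\windows\system32\userinit.exe,",
}

VALUE_RE = re.compile(r"^(REG_\w+)\s+(.+?)\s*: \([SV]\) (.*)$")

def parse_printkey(text):
    """Return (key_name, value_name, data) tuples from printkey-style text."""
    rows, key = [], None
    for line in text.splitlines():
        if line.startswith("Key name:"):
            key = line.split(":", 1)[1].strip().rsplit(" (", 1)[0]
        elif key and (m := VALUE_RE.match(line)):
            rows.append((key, m.group(2), m.group(3).strip()))
    return rows

def review(rows, baseline=BASELINE):
    """Flag values that differ from the baseline; values with no baseline need a manual look."""
    findings = []
    for key, name, data in rows:
        expected = baseline.get((key.lower(), name.lower()))
        if expected is None:
            findings.append(("review", key, name, data))
        elif data.lower() != expected:
            findings.append(("modified", key, name, data))
    return findings

if __name__ == "__main__":
    print(*review(parse_printkey(SAMPLE)), sep="\n")
```

On the constructed sample, the extra executable appended to `Userinit` is reported as modified, while the `Run` entry is listed for manual review because it has no baseline.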