Naturally, I didn't want it to come across as a shameless plug for your FBCD :-)
)
Ah there are no plugs nor marketing for my CD or training, Jon. Although I thought of dropping an ad in ANTIQUE POWER magazine. 😉
I'll try not to punish Joyce too much this weekend - gonna see how he climbs cliffs and dives into cold water!
Farmerdude and echo6, thanks for the suggestions. Earlier in my testing I was using volatility and I was having issues getting the malfind plugin to work. I was meaning to go back to test the plugin again but I guess I got sidetracked by other things.
Corey Harrell
"Journey into Incident Response"
http://journeyintoir.blogspot.com
While I was experimenting with malware forensics I found it pretty useful to submit the samples I was using at http://anubis.iseclab.org/. Although it can't work as part of your detection methodology, the report can offer a baseline for your experiments: check which of the reported events can be identified by your methodology. Possibly you already know about it…