Acquiring Memory with Magnet RAM Capture

Recently, we released a new free tool that allows investigators to acquire the memory of a live PC. Customers using our IEF Triage module will already be familiar with this tool, as it’s used to acquire evidence from live systems. In realizing that others could benefit from our RAM capture tool, we decided to release it free to the forensics community.

Memory analysis can reveal a lot of important information about a system and its users. There are often instances where evidence stored in memory is never written to the hard drive, and may only be found in the pagefile.sys or hiberfil.sys. Memory analysis is essential to many malware and intrusion incidents and can be imperative in recovering valuable evidence for almost any PC investigation…

Read More (Magnet Forensics)

Leave a Comment