Infected files
Infected files
This is self-explanatory, a file that contains malicious code!
Additional information…
Complex malware will more likely than not hide in plain sight. It will typically hide as an operating system file within the Windows system folder structures.
Any process executing from a user area should be a process of interest. In the event the malware is being executed from a system area, simply hash the system files and compare against a known good configuration. You can make your own or download the NRSL hash set from NIST. Click here to visit the NSRL download page.
Introduction to Digital Forensics: Malware Analysis and Investigations
Introduction to Digital Forensics: Malware Analysis and Investigations
Reach your personal and professional goals
Unlock access to hundreds of expert online courses and degrees from top universities and educators to gain accredited qualifications and professional CV-building certificates.
Join over 18 million learners to launch, switch or build upon your career, all at your own pace, across a wide range of topic areas.
