Memory Forensics with Volatility | HackTheBox Reminiscent

We covered an incident response scenario that involved a using memory forensics to investigate the presence of a malware downloaded from email attachments. The scenario involved a memory dump and Volatility tools to perform memory investigation. We listed the processes running, the process tree and uncovered a Powershell process that was invoked after opening the attachment which was in PDF. We extracted strings from the PDF attachments to find the artifacts (the flag). This was part of HackTheBox Reminiscent

Get Computer Forensics Notes

Video Walkthrough

CTF Writeups, HackTheBox, HackTheBox Reminiscent, Memory Forensics, Volatility

Show Comments

MasterMind Study Notes

About the Author

Mastermind Study Notes is a group of talented authors and writers who are experienced and well-versed across different fields. The group is led by, Motasem Hamdan, who is a Cybersecurity content creator and YouTuber.

View Articles

Memory Forensics with Volatility | Uncovering Malware Hidden in Emails | HackTheBox Reminiscent

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Press ESC to close

Memory Forensics with Volatility | Uncovering Malware Hidden in Emails | HackTheBox Reminiscent

Leave a Reply Cancel reply

MasterMind Study Notes

About the Author

Share Article:

You might also like

Learn Windows Command Line Basics | TryHackMe Walkthrough

OffSec Proving Grounds: Crane Walkthrough | OSCP Prep

HackTheBox Spookypass Challenge Writeup