0

Explore Products

Best Sellers

New Releases

Books

Videos

Audiobooks

Free Learning

Practical Windows Forensics

You're reading from Practical Windows Forensics Leverage the power of digital forensics for Windows systems

Product type Paperback

Published in Jun 2016

Publisher Packt

ISBN-13 9781783554096

Length 322 pages

Edition 1st Edition

Tools

Windows Server

Concepts

Forensics

Table of Contents (15) Chapters

Preface

1. The Foundations and Principles of Digital Forensics FREE CHAPTER

2. Incident Response and Live Analysis

3. Volatile Data Collection

4. Nonvolatile Data Acquisition

5. Timeline

6. Filesystem Analysis and Data Recovery

7. Registry Analysis

8. Event Log Analysis

9. Windows Files

10. Browser and E-mail Investigation

11. Memory Forensics

12. Network Forensics

appA. Building a Forensic Analysis Environment

Factors that need to be considered

appB. Case Study

Prefetch files

To try to answer the previous question, we can start analyzing the prefetch files. From DART, open the WinPrefetchView tool. This tool will automatically parse the prefetch files of the live system and view their results in human readable format.

After spending some time in viewing the files and searching for the executable named epqe, we can find that eqpe.exe ran just two seconds after a file named latest_report.pdf.exe ran in the system, and at the same second the Explorer.exe started:

Prefetch files

As we can see, the first filename is very suspicious. It is located under C:\Users\<<UserName>>\Downloads\latest_report.pdf.exe. If we tried to search this location for this file, we won't find it. In the list of files used by this latest_report.pdf.exe file, according to WinPrefetchView, we will find the epqe.exe file used or created by this file:

Prefetch files

However, what made the victim download this malicious executable?

The rest of the chapter is locked

Register for a free Packt account to unlock a world of extra content!

A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.

Unlock this book and the full library FREE for 7 days

Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of

Start free trial

Renews at $19.99/month. Cancel anytime

Personalised recommendations for you

Based on your interests and search pattern

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

The Aspiring CIO and CISO

The Aspiring CIO and CISO

This book helps entry, mid-level, and senior managers master soft skills, craft a compelling brand, and strategically plan their career in C-suite roles with the help of expert insights needed for success in digital leadership and executive roles.

Jun 2024 8h 32m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m

Malware Development for Ethical Hackers

Malware Development for Ethical Hackers

This book will help you understand malware development by delving into the intricate mechanisms of malware development, injection attacks, and advanced evasion strategies with over 80 real-life examples.

Jun 2024 13h 0m