Home Videos Persistence Mechanisms

Persistence Mechanisms

0
1
351

As a continuation of the “Introduction to Windows Forensics” series by Richard Davis, this episode looks at persistence mechanisms often utilized by malware. First, you’ll look at the ubiquitous “Run” and “RunOnce” keys, as well as a great article that summarizes many of the other Autostart Extensibility Points (ASEPs) you’re likely to encounter. Then, you’ll look at Autoruns from Sysinternals. This utility will automatically parse and aggregate these ASEPs and show us the dozens of places in which we can tell Windows to automatically start a program. Lastly, you’ll look at new research that identifies another feature of Windows that can be exploited to achieve persistence, but that will NOT show up in Autoruns or in other tools that attempt to display this information.

Load More Related Articles
  • Juicy PDFs

    This new video is the next episode of “Introduction to Malware Analysis” serie…
  • Cooking with CyberChef

    As a continuation of the “Introduction to Windows Forensics” series, this epis…
  • Python Digital Forensics

    Python is uniquely positioned as a programming language to perform cyber investigations an…
Load More In Videos

Leave a Reply

Your email address will not be published. Required fields are marked *