-
```
What steps will reproduce the problem?
The below command is issued...
C:\Python27\Scripts>vol.py -f C:\Python27\RAM\ram.vmem -p 1956 malware.yara -D
C:\Python27\RAM malfind
What is the expected …
-
```
What steps will reproduce the problem?
1. Checkout volatility-read-only
2. sudo python setup.py install
3. vol.py -h
What is the expected output? What do you see instead?
Expect to see malware pl…
-
```
What steps will reproduce the problem?
The below command is issued...
C:\Python27\Scripts>vol.py -f C:\Python27\RAM\ram.vmem -p 1956 malware.yara -D
C:\Python27\RAM malfind
What is the expected …
-
Hello,
tried to run Loki on a french win10 and got a few suspicious item based on owner. And they are normal (pristine system). accents don't seem to be supported.
usual owners are
SERVICE LOCAL
SER…
juju4 updated
8 years ago
-
```
What steps will reproduce the problem?
The below command is issued...
C:\Python27\Scripts>vol.py -f C:\Python27\RAM\ram.vmem -p 1956 malware.yara -D
C:\Python27\RAM malfind
What is the expected …
-
```
If the following command line is executed on a Win7 Enterprise box using ver
2.4 of Volatility:
W:\VOL_Analysis_Scripts>volatility.exe yarascan -f MemoryDump.bin
--yara-rules="(25[0-5]|2[0-4][0…
-
```
What steps will reproduce the problem?
1.installed latest volatility
2.typed 'vol.py malfind -f coreflood.vmem -dump-dir=outdir
--yara-rules=./aa.yara'
3.then i got 'vol.py: error: no such option…
-
```
What steps will reproduce the problem?
1.installed latest volatility
2.typed 'vol.py malfind -f coreflood.vmem -dump-dir=outdir
--yara-rules=./aa.yara'
3.then i got 'vol.py: error: no such option…
-
hello,
i just run cuckoo
![c1](https://cloud.githubusercontent.com/assets/7676267/11785667/237c46d4-a298-11e5-92e3-be9e4d510f3c.jpg)
and submit a file
![c2](https://cloud.githubusercontent.com/asset…
-
```
What steps will reproduce the problem?
1. Checkout volatility-read-only
2. sudo python setup.py install
3. vol.py -h
What is the expected output? What do you see instead?
Expect to see malware pl…