-
```
What steps will reproduce the problem?
1. Checkout volatility-read-only
2. sudo python setup.py install
3. vol.py -h
What is the expected output? What do you see instead?
Expect to see malware pl…
```
-
```
What steps will reproduce the problem?
The below command is issued...
C:\Python27\Scripts>vol.py -f C:\Python27\RAM\ram.vmem -p 1956 malware.yara -D C:\Python27\RAM malfind
What is the expected …
```
-
```
If the following command line is executed on a Win7 Enterprise box using ver 2.4 of Volatility:
W:\VOL_Analysis_Scripts>volatility.exe yarascan -f MemoryDump.bin --yara-rules="(25[0-5]|2[0-4][0…
```
-
@KillerInstinct
Output from the pony_apis.py memory module finds the following:
C2: hxxp://kincoletca.ru/gate.php
C2: hxxp://thenuldmirit.ru/gate.php
However if you look in the memory dump file, you…