Add Syscache.hve artifact

[nwf9]

Hi Matias,

Do you have plan to add the parsing and analysis for the syscache.hve. You can look into David Cowen research below

https://www.hecfblog.com/2018/12/daily-blog-573-forensic-lunch-test.html?m=1

[mbevilacqua]

That definitely sounds like it would be a good source of data for ACP. Looks like there's already some folks investigating the artefact and writing up some python code so will monitor and leverage that when available. Thanks!

[nwf9]

With my pleasure, it will be very good to hunt with this artifact. You can also add sccm telemetry.