[Vol-users] Need to pick a malware for a demo

Mike Lambert dragonforen at hotmail.com
Wed May 2 23:32:41 CDT 2012


I've got a memory forensics presentation coming up next week and I'd like to use a sample that will illustrate a crossview example.
 
Specifically, I'd like to use an example that hides from pslist on the running system (don't want a DKOM example) but we can find it using Volatility. 
I'd like it to be something running and not a process injection sample.
 
Does someone have a suggestion which one may provide a good illustration?
 
Thanks,
Mike
  		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: https://lists.volatilityfoundation.org/pipermail/vol-users/attachments/20120502/e8fba1a0/attachment.html


More information about the Vol-users mailing list