[Vol-users] Shellcode use in memory - forensic challenge related
jared703 at gmail.com
Thu Oct 1 16:02:43 CDT 2015
I've been messing around with this fun challenge as of late -
have been struggling with question #5 (using memory forensics, can you
identify the shellcode used?).
My initial approach was starting with malfind and dumping malfind artifacts
and reviewing. I also threw some shellcode-based yara sigs together, but
didn't have much luck there either.
Anyways, any help or direction pointing is appreciated :)