[Vol-users] New Blog Post: When Anti-Virus Engines Look Like Kernel Rootkits

Andrew Case atcuno at gmail.com
Wed May 27 11:14:43 EDT 2020


We just posted a new writeup on a common analysis task required when investigating real-world systems - deciphering hooks placed by AV/EDR vs. those placed by malware.

The post can be found here:

https://volatility-labs.blogspot.com/2020/05/when-anti-virus-engines-look-like.html

Please let us know if you have any questions or comments, and we hope you enjoy the read!

