all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Memory Forensics Question

Add to bookmarks
Dec. 18, 2022, 2 p.m. | /u/curlydog998

Computer Forensics www.reddit.com

I recently had to conduct a compromise assessment on an Windows 10 device. When looking at the processes a flag was raised when wininit.exe had a parent of lsass.exe. My understanding is that wininit.exe has a parent of smss.exe, but smss.exe terminates, so is wininit.exe doesn't have a parent that can be seen. lsass.exe is actual a child of wininit.exe.

I decided to take a look at some other memory dumps that I had lying around. Straight away I found …

computerforensics forensics memory memory forensics

Visit resource

More from www.reddit.com / Computer Forensics

Which is the fastest tool ? 18 hours ago | www.reddit.com
autopsy axiom can computerforensics +10
Publicly-Accessible Disk Images and Mobile Extractions Grid for DFIR 1 day, 21 hours ago | www.reddit.com
android artifacts computerforensics disk +7
BIRT Incident Response & Triage Beta update 2 days, 22 hours ago | www.reddit.com
application asking beta blog +15
What do I need for a career in computer forensics if I’m currently doing my … 3 days, 22 hours ago | www.reddit.com
career computer computer forensics computerforensics +3
GCFA 2024 5 days, 19 hours ago | www.reddit.com
advice computerforensics digest gcfa +6
FOR577: LINUX Incident Response and Threat Hunting 6 days, 18 hours ago | www.reddit.com
computerforensics thanks
How to input the NSRL database into Axiom? 1 week, 1 day ago | www.reddit.com
axiom can computerforensics database +6
This case has been posted on here several times. This is the defense hitting on … 1 week, 3 days ago | www.reddit.com
case computerforensics defense experts +1
Google account sign out for "suspicious activity" 1 week, 5 days ago | www.reddit.com
account can computerforensics device +8

Jobs in InfoSec / Cybersecurity

Post a Job Search Talent

CyberSOC Technical Lead

@ Integrity360 | Sandyford, Dublin, Ireland
View on infosec-jobs.com

Cyber Security Strategy Consultant

@ Capco | New York City
View on infosec-jobs.com

Cyber Security Senior Consultant

@ Capco | Chicago, IL
View on infosec-jobs.com

Sr. Product Manager

@ MixMode | Remote, US
View on infosec-jobs.com

Security Compliance Strategist

@ Grab | Petaling Jaya, Malaysia
View on infosec-jobs.com

Cloud Security Architect, Lead

@ Booz Allen Hamilton | USA, VA, McLean (1500 Tysons McLean Dr)
View on infosec-jobs.com