all InfoSec news logo
all InfoSec news - Your InfoSec news aggregator
Log in Sign up
all InfoSec news

Memory Forensics Question

Add to bookmarks
Dec. 18, 2022, 2 p.m. | /u/curlydog998

Computer Forensics www.reddit.com

I recently had to conduct a compromise assessment on an Windows 10 device. When looking at the processes a flag was raised when wininit.exe had a parent of lsass.exe. My understanding is that wininit.exe has a parent of smss.exe, but smss.exe terminates, so is wininit.exe doesn't have a parent that can be seen. lsass.exe is actual a child of wininit.exe.

I decided to take a look at some other memory dumps that I had lying around. Straight away I found …

computerforensics forensics memory memory forensics

Visit resource

More from www.reddit.com / Computer Forensics

In need of some career help 21 hours ago | www.reddit.com
can career computerforensics digital +3
Galley v Cellebrite Premium 2 days, 8 hours ago | www.reddit.com
cellebrite computerforensics date device +10
Malware Analysis Blog(Formbook info stealer analysis) 2 days, 17 hours ago | www.reddit.com
analysis blog check computerforensics +13
[HELP] Is there a way to export chat bubble description tags in Cellebrite PA or … 2 days, 22 hours ago | www.reddit.com
cellebrite chat computerforensics export +2
DVR forensic recovery 3 days, 3 hours ago | www.reddit.com
case computerforensics department down +10
YouTube @systemforensic videos. 3 days, 9 hours ago | www.reddit.com
access channel computerforensics course +8
meobrute - Automate the process of brute forcing the My Eyes Only pin code on … 4 days, 4 hours ago | www.reddit.com
automate brute brute forcing code +4
Autopsy benchmarks? 4 days, 8 hours ago | www.reddit.com
autopsy benchmarks computerforensics default +5
Volatility 2 to 3 5 days, 4 hours ago | www.reddit.com
computerforensics hello run sift +4

Jobs in InfoSec / Cybersecurity

Post a job on infosec-jobs.com Find talent on infosec-jobs.com

Junior Cybersecurity Analyst - 3346195

@ TCG | 725 17th St NW, Washington, DC, USA
View on infosec-jobs.com

Cyber Intelligence, Senior Advisor

@ Peraton | Chantilly, VA, United States
View on infosec-jobs.com

Consultant Cybersécurité H/F - Innovative Tech

@ Devoteam | Marseille, France
View on infosec-jobs.com

Manager, Internal Audit (GIA Cyber)

@ Standard Bank Group | Johannesburg, South Africa
View on infosec-jobs.com

Staff DevSecOps Engineer

@ Raft | San Antonio, TX (Local Remote)
View on infosec-jobs.com

Domain Leader Cybersecurity

@ Alstom | Bengaluru, KA, IN
View on infosec-jobs.com
View more jobs