Malware Analysis & Forensics Investigation
Tools Used: Redline, Autopsy, Netcat, FTP, Memoryze
March 2024
- Conducted full forensic triage of a legacy Windows XP VM using memory analysis and registry artifact extraction to identify attacker behavior and persistence mechanisms
- Uncovered rootkits (hxdef100), RATs (Poison Ivy), and password-cracking tools (John the Ripper) via Memoryze, Redline, and Autopsy
- Reconstructed the timeline of compromise and documented the findings in a report