Tag Archives: Malicious processes
Sometimes you want to investigate applications and processes running on the Windows operating system. This helps to find the functions performed by the app, which can be legitimate, suspicious or malicious. In such cases you can check SpyStudio.
RpcView is a free tool that can be used to monitor and decompile all registered interfaces on the Windows operating system. Information provided by this tool includes the following: the PID of the process hosting this endpoint; the used protocol among
Moneypack ransomware variants have been observed by Trend Micro security researchers. The malware encrypts files and asks the victim to pay online to have their files recovered. The attack is targeting users in Turkey and Hungary. Cybercriminals spread their malware by
Security researchers at Trend Micro have identified a new type of malware that updates its configuration in a very interesting way. This means that compromised machines are configured to download JPEG files that contain encrypted configuration files/binaries without the victim’s knowledge. The
Process Hacker is one of the leading tools for manipulating processes and services; this is important for monitoring changes when you are investigating malicious code. You will need this tool in your sandbox to identify any new process
Forensic tools are important to help in analyzing DLLs and processes running on the operating system; here you can consider some free programs such as CrowdInspect. CrowdInspect is a free tool for Microsoft Windows systems that helps to detect any suspicious
The Windows operating system contains services and processes; some of them are required for certain tasks or operations, others consume memory without any use, and some are on the system with malicious intent. To detect and resolve what you