Thursday — November 15th, 2012 14:00
Thursday — November 15th, 2012 15:15
Thursday — November 15th, 2012 15:45
We will learn how to examine a disk image of a compromised PC, then analyze a malicious document and malware extracted from the image. This hands-on session is outlined as follows: find malicious auto-started programs; browse and recover (deleted) files; analyze Windows registry hives; analyze a malicious Office document; analyze a SWF file and malware.
Students should bring their own laptop that meets the following requirements.
Hardware
Host OS
Guest OS 1 for dynamic malware analysis
Guest OS 2 for forensic analysis
Download URL: http://computer-forensics.sans.org/community/downloads
Hiroshi Suzuki (IIJ-SECT, JP) 
Hiroshi Suzuki is a malware analyst working for a Japanese ISP, Internet Initiative Japan Inc. His main job is to analyze malware and vulnerabilities, observe malware activity, and perform digital forensics, with over seven years of experience.
Takahiro Haruyama (IIJ-SECT, JP) 
Takahiro Haruyama, EnCE (Internet Initiative Japan Inc.), is a forensic professional with over seven years of extensive research experience and knowledge in intrusion detection, authentication, VPN, digital forensics and malware analysis. He is the author of memory forensic EnScripts such as Raw Image Analyzer (previously called Memory Forensic Toolkit) and Crash Dump Analyzer. He has also spoken at several conferences on digital forensics and computer security, including Black Hat Europe 2012, The Computer Enterprise and Investigations Conference (CEIC) 2011 and RSA Conference Japan 2010.