Tag: Dynamic Analysis

Limitations of Malware Sandbox Usage in Digital Forensic Investigation

When digital investigators are confronted with suspicious executable during investigation, a standard, well-known incidents response process is applied. This process encompasses, hashing the suspect executable and look-up with the hash value in an online malware analysis and scanning service such as VirusTotal [1] to verify if suspect executable belongs to a known malware family. If…

13 September, 2012

Limitations of Malware Sandbox Usage in Digital Forensic Investigation