查看文章

Ransomware is an emerging category of malware that locks computer data via powerful cryptographic algorithms. The global propagation of ransomware is a serious threat for individuals and organizations. The banking sector and financial institutions are the prime targets of such ransomware attacks. In case of such an attack, the field of digital forensics helps in estimation of the severity and data loss caused by the attack. Traditional digital forensics investigations make use of static or behavioral analysis to detect malware in infected systems. However, these procedures are challenged by malware obfuscation techniques. Malicious processes can stay inactive and undetected if only a single memory dump is analyzed. Thus, there is a need to collect numerous memory dumps of an individual program that can help with comprehensive and accurate analysis. In this article, we have developed a framework for volatile …