2015-028: using log analytics to discover Windows malware artifacts
In this podcast, you'll learn about:
- Log analytics software that can be used to parse system logs for nasty malware
- Detecting malware artifacts: learn about Windows directory locations and look for indicators like packing, changed hashes, etc.
- Tips for capturing malware samples using tools like RoboCopy
- What code caves are and how malware hides inside them (http://www.codeproject.com/Articles/20240/The-Beginners-Guide-to-Codecaves)
- SANS DFIR poster: https://www.sans.org/security-resources/posters/windows-forensics-evidence-of-75
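As an added example (not code from the podcast or its hosts), the following Python script shows the two artifact indicators the episode mentions in working form: comparing a file's hash against a known-good baseline to spot changed or unexpected binaries in Windows directory locations, and using Shannon entropy of the file contents as a crude packing heuristic. The sample "files" are constructed byte strings embedded inline so the script runs offline; the paths, the `read_tree` helper and the entropy threshold of 7.2 bits per byte are assumptions for illustration, not values from the page.

```python
import hashlib
import math
import os
from collections import Counter

# --- Constructed sample data (not real Windows binaries) -------------------
# A low-entropy blob resembling the head of a plain, unpacked PE file.
LOW_ENTROPY = b"MZ" + b"\x00" * 1000 + b"This program cannot be run in DOS mode."
# A deterministic high-entropy blob (4096 bytes of SHA-256 output chained
# over a counter) standing in for a packed or encrypted payload.
HIGH_ENTROPY = b"".join(hashlib.sha256(bytes([i])).digest() for i in range(128))

# Baseline snapshot taken from a clean machine (hypothetical paths).
SAMPLE_BASELINE_FILES = {
    r"C:\Windows\System32\svchost.exe": LOW_ENTROPY,
    r"C:\Windows\System32\notepad.exe": LOW_ENTROPY + b"notepad",
}
# Current snapshot of the same locations: one binary was modified and a
# new, packed-looking executable appeared in a temp directory.
SAMPLE_CURRENT_FILES = {
    r"C:\Windows\System32\svchost.exe": LOW_ENTROPY,              # unchanged
    r"C:\Windows\System32\notepad.exe": LOW_ENTROPY + b"NOTEPAD",  # modified
    r"C:\Windows\Temp\update.exe": HIGH_ENTROPY,                   # new + packed
}

# --- Indicator logic --------------------------------------------------------
def sha256_hex(data: bytes) -> str:
    """SHA-256 of the file contents, used as the baseline identity."""
    return hashlib.sha256(data).hexdigest()


def shannon_entropy(data: bytes) -> float:
    """Bits per byte; 0 for empty input, approaching 8 for packed/encrypted data."""
    if not data:
        return 0.0
    n = len(data)
    return -sum((c / n) * math.log2(c / n) for c in Counter(data).values())


def build_baseline(files: dict) -> dict:
    """Map path -> SHA-256 for a known-good snapshot."""
    return {path: sha256_hex(data) for path, data in files.items()}


def find_indicators(files: dict, baseline: dict, entropy_threshold: float = 7.2) -> list:
    """Return (path, code, detail) for files that are new, changed, or look packed."""
    findings = []
    for path, data in files.items():
        expected = baseline.get(path)
        if expected is None:
            findings.append((path, "new", "file not present in baseline"))
        elif expected != sha256_hex(data):
            findings.append((path, "hash_changed", f"baseline {expected[:12]}..."))
        entropy = shannon_entropy(data)
        if entropy >= entropy_threshold:
            findings.append((path, "high_entropy", f"{entropy:.2f} bits/byte (possible packing)"))
    return findings


def read_tree(root: str) -> dict:
    """Load real files under `root` into the same path -> bytes shape (assumed helper)."""
    files = {}
    for dirpath, _, names in os.walk(root):
        for name in names:
            full = os.path.join(dirpath, name)
            with open(full, "rb") as fh:
                files[full] = fh.read()
    return files


if __name__ == "__main__":
    baseline = build_baseline(SAMPLE_BASELINE_FILES)
    for path, code, detail in find_indicators(SAMPLE_CURRENT_FILES, baseline):
        print(f"{code:13s} {path}  ({detail})")
```

The baseline would normally be built from a clean image of the same Windows build and stored off-host; the entropy check only flags candidates, since legitimately compressed resources also score high, so treat it as a triage signal to pair with the hash comparison rather than a verdict.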