Software Kernels: Unraveling Digital Forensics Intricacies

In this article we will cover the basics of what a software kernel is, the application of software kernels in the context of digital forensic examinations, and we’ll shed some light on how kernels contribute to the acquisition and analysis of data during a forensic investigation.

What is Infostealer Malware?

Infostealers are a type of malware specifically designed to locate and exfiltrate credentials. Their prevalence and impact were limited pre-COVID-19 as most of the headlines were grabbed by ransomware operations that crippled large organizations.

SRUM: Forensic Analysis of Windows System Resource Utilization Monitor

SRUM, or System Resource Utilization Monitor, is a feature of modern Windows systems (Win8+), intended to track the application usage, network utilization and system energy state. SRUM, as with most operating system features, wasn’t designed for the forensicator, but that doesn’t mean we can’t use it to support our investigations.