ZeroAccess, Volatility, and Kernel Timers
In another exciting episode of “Volatility Friday”, MHL walks through the steps of hunting for ZeroAccess using physical memory analysis. As an added bonus, you will also get some further insight into plugin development. If you have been enjoying MHL’s posts, why not take an unknown sample, try it yourself, and post your findings? It’s a great way to engage the Volatility community and it also helps others learn. Shoutz to MHL!