Performing x64 Windows 7 Memory Forensics with Volatility
In this blog post, Patrick Olsen leverages Volatility’s x64 Alpha support to analyze a physical memory sample from a Windows 7 system that had been infected with malware. Shoutz to Patrick for sharing his analysis experiences with the community! If you have x64 memory samples and are willing to help provide feedback, please reach out to the Volatility Team!
PS. On a sad note, given the SIFT team’s unwillingness to respect the requests of open source developers and communities, it is unclear how much longer the Volatility Team can continue to support the integration of Volatility within SIFT. More details to follow as the situation unfolds…