M-unition

The Ammunition You Need to Find Evil and Solve Crime

About Us

Welcome to M-unition, the MANDIANT blog. Here we share our insights about the tools we create and use to find evil and solve crime.

Memory forensics on Windows 7 (x86 and x64) and Windows 2008 x64

Written by Jamie Butler

Next month Memoryze will be two years old and a lot has changed over that time. There has been a lot of interesting research in the field of memory forensics, and responders are finding value in the analysis.
 
Platform Support
From a tool perspective, other than the addition of a GUI called Audit Viewer and the added usability that the Malware Rating Index (MRI) provides, the most noticeable change is the expanding platform support.

20 Sep 10 | The Armory | Comments (0)

New Memoryze, Audit Viewer, and Training

Written by Jamie Butler

For those who are not on our mailing list for Memoryze or Audit Viewer, we released a new version a little over a week ago. The new version of the software includes all of the memory analysis features that are available in the newly released MANDIANT Intelligent Response (MIR) 1.4.

Memory Analysis on Windows 2003 64-bit and What’s Next

Written by Jamie Butler

15 Mar 10 | The Suite Spot | Comments (0)

New Audit Viewer for Memoryze

Written by Jamie Butler


If you are tired of trying to load Memoryze’s results into Internet Explorer or into an Excel spreadsheet, check out the new viewer from Peter Silberman. The Audit Viewer is written in Python and comes with the BSD license because you know best how you want to view your data.

25 Nov 08 | The Lab | Comments (2)