“Shim Shady: Live Investigations of the Application Compatibility Cache” https://www.fireeye.com/blog/threat-research/2015/10/shim_shady_live_inv.html Research, Volatility plugin, and blog post!
@williballenthin
“Shim Shady: Live Investigations of the Application Compatibility Cache” https://www.fireeye.com/blog/threat-research/2015/10/shim_shady_live_inv.html Research, Volatility plugin, and blog post!