A memory dump can provide unique insights into runtime system activity, including open network connections and recently executed commands or processes. AUMFOR requires a zipped file of a valid memory dump to investigate and perform memory forensics. You can upload a valid zipped memory dump.
Identify Suspicious IP and Port
Most malware, including ransomware, is network based and works as a botnet. Such malware usually needs to connect to its developer or control centre to receive the next command or to send important or confidential information. To communicate this way, the malware uses an open IP address and port. To identify such open IPs and ports, AUMFOR analyzes the network connections in the given dump. It gives you all possible and necessary details for identifying a malicious IP or port.
Map Process with Suspicious IP
Any malicious IP or port that is found can easily be linked with its associated process. Note that this process can become difficult for forensic investigators if they manually check each IP, port and process for malware. AUMFOR plays a very important role by performing it automatically.
Scan Suspicious Process and Associated Entities
AUMFOR can scan an individual process file for viruses, worms, Trojans and all kinds of malware. AUMFOR uses VirusTotal to perform the scan. It handles all the background work of the scan and gives you a final report.
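The correlation described above, as an added example that is not AUMFOR's own code: it joins connection rows to a process list by PID and groups the connections whose remote address is outside the internal ranges. The record layout, the sample rows, the internal ranges and the "common ports" set are all assumptions made for the illustration.

```python
import ipaddress
from collections import defaultdict

# Internal ranges for this example (assumption: an IPv4-only RFC 1918 network).
INTERNAL = [ipaddress.ip_network(n) for n in (
    "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16", "127.0.0.0/8", "169.254.0.0/16")]

# Constructed sample rows, not real AUMFOR output.
CONNECTIONS = [
    {"pid": 4,    "remote": "0.0.0.0:0",         "state": "LISTENING"},
    {"pid": 1880, "remote": "192.168.1.5:445",   "state": "ESTABLISHED"},
    {"pid": 2944, "remote": "203.0.113.45:4444", "state": "ESTABLISHED"},
    {"pid": 2944, "remote": "203.0.113.45:4444", "state": "CLOSE_WAIT"},
    {"pid": 3100, "remote": "198.51.100.7:443",  "state": "ESTABLISHED"},
    {"pid": 5120, "remote": "203.0.113.45:8080", "state": "ESTABLISHED"},
]
PROCESSES = {4: "System", 1880: "explorer.exe", 2944: "updater.exe", 3100: "chrome.exe"}


def external_connections(connections, processes, common_ports=(80, 443)):
    """Group connections to non-internal remote addresses by owning process."""
    findings = defaultdict(list)
    for conn in connections:
        host, port = conn["remote"].rsplit(":", 1)
        addr = ipaddress.ip_address(host)
        # Skip listeners (no remote peer) and traffic that stays inside the network.
        if addr.is_unspecified or any(addr in net for net in INTERNAL):
            continue
        # A PID missing from the process list (exited or hidden) is kept, not dropped.
        name = processes.get(conn["pid"], "<not in process list>")
        findings[(conn["pid"], name)].append({
            "remote": host,
            "port": int(port),
            "state": conn["state"],
            "uncommon_port": int(port) not in common_ports,
        })
    return dict(findings)


if __name__ == "__main__":
    for (pid, name), conns in external_connections(CONNECTIONS, PROCESSES).items():
        for c in conns:
            note = "uncommon port" if c["uncommon_port"] else ""
            print(pid, name, c["remote"], c["port"], c["state"], note)
```

The output is a list of candidates for review, grouped per process; an external address or an uncommon port is a reason to look closer, not a verdict.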
How it works
Everything about AUMFOR
Detailed guidelines on prerequisites and how to install AUMFOR on different platforms such as Windows, Linux and Mac.
For Windows
1. Extract the zip file
2. Open cmd with administrative privileges
3. Execute one of the following commands:
python setup.py install
or
python setup.pyc install