Helpful Navigation Toolbar

Tuesday, February 11, 2014

Small update to Windows Live Response tools


Good news everyone!! I added PeStudio 8.06 and Last Activity View to the latest version of the Windows Live Response tools. Last Activity View runs without any user interaction when run as an Administrator, so I put it in that section of the batch script rather than having it run in the non-Administrative privileges portion.

For more about PeStudio please click here
For more about Last Activity View please click here

Last Activity View seems to add some additional Unicode characters into the output from time to time so it is not 100% reliable, but it can help give you some insight to what activities occurred on the system(s) prior to running the Windows Live Response tools.


Browsing to the Chewbacca malware, as seen with Last Activity View





LiveResponseCollection-Bambiraptor.zip - download here 

MD5: 8603e36be474e8b69c652e5dc86adc2e
SHA-256: ec79422ce2e7218a7bc57b0caf52a5eae2eca98810ac466dddac1115aade493e 

Updated: December 12, 2016





No comments:

Post a Comment