Leveraging the Application Compatibility Cache in Forensic Investigations By Andrew Davis, Associate Consultant, Mandiant During keyword searches of compromised systems, Mandiant discovered known malicious file names in - Compound File Binary Format - Document - PDFSEARCH.IO

First Page	Meta Content
	Leveraging the Application Compatibility Cache in Forensic Investigations By Andrew Davis, Associate Consultant, Mandiant During keyword searches of compromised systems, Mandiant discovered known malicious file names in Add to Reading List Document Date: 2012-05-29 23:46:02 Open Document File Size: 137,94 KB Share Result on Facebook Company SAIC CIRT / Microsoft Corporation / / Country United States / / Facility Mill Road / / IndustryTerm computer forensics solutions / law firms / proof-of-concept tool / / OperatingSystem Windows Vista / Windows 7 / Windows XP / XP / Microsoft Windows / Windows Server 2003 / Windows Server 2008 / / Organization Application Experience Lookup Service / / Person Josh Homan / Mandiant During / Alex Ionescu / / / Position Manager / cache manager / Consultant / analyst / / Product Windows / Microsoft Corporation Portable Audio Device / / ProgrammingLanguage XML / / Technology API / operating system / shared memory / / URL www.mandiant.com / http / SocialTag System software Windows Registry Cache Compound File Binary Format CPU cache Microsoft Windows Windows XP Computing

Leveraging the Application Compatibility Cache in Forensic Investigations By Andrew Davis, Associate Consultant, Mandiant During keyword searches of compromised systems, Mandiant discovered known malicious file names in Add to Reading List