<![CDATA[Ransomware is a growing and evolving problem in digital security. The significant losses caused by ransomware can target individuals as well as companies and organizations due to its increasingly complex and escalating threats. To address this issue, a memory analysis approach is needed to gain a better understanding of its characteristics and behavior. This research proposes a memory analysis approach as a means to detect and analyze ransomware. The memory analysis approach involves capturing the memory running on an infected operating system. This approach can also assist in detection and analyzing ransomware samples that may go undetected by traditional security tools. The result shows the memory analysis approach is capable of detecting WannaCry infections through the analysis of running processes and DLL files. However, this method was not successful in detecting other ransomware infections such as Jigsaw and Locky. These results indicate that the specific characteristics of WannaCry make it identifiable through this approach, while other types of ransomwares may require different detection techniques.]]>
Copyrights © 2025
