Belkasoft Incident Investigations (Belkasoft N) is a tool for digital incident investigations, developed specifically for businesses and aimed at investigating hacking attempts against Windows-based computers.
By analyzing numerous sources, Belkasoft N can find traces typical of the various tricks hackers use to penetrate a company's infrastructure.
KEY FEATURES
- Detect suspicious traces in the most typical locations, including the registry, event logs and lesser-known files
- Analyze how malicious code persisted in the system by examining services, scheduled tasks, WMI subscriptions, AppInit DLLs and so on
- Learn how and when malware was executed by examining various artifacts such as Amcache, Shimcache, Syscache, BAM and DAM
- Extract remote connection details, including IP addresses and time stamps, for RDP and TeamViewer
- Find the potential initial attack vector by analyzing recently opened documents and browser links, latest downloads and so on
- Search inside extracted information, bookmark important data and create reports in multiple formats