: Looking for recent software execution or user activity.
Summarize the "who, what, when, where, and how" of the incident. IP_Leandro_Set5.rar
: If a malicious file was found, describe its location and how it maintained persistence (e.g., a Registry Run key). : Looking for recent software execution or user activity
: Identifying downloads or external communications. Prefetch/LNK Files : Proving specific applications were run. 4. Detailed Findings IP_Leandro_Set5.rar