Maximilian Larum
@0xm4xdf1r.bsky.social
SOC Manager at Coop Norge | GCFE | GCFA | GPEN | BTL1 | Coin hoarder | Lethal Forensicator #DFIR
Prefetch files capture app execution data—timestamps, filenames, usage counts—and track accessed files/folders, offering insights into user activity and potential suspicious behavior.
Location: C:\Windows\Prefetch
Parsing tool: github.com/EricZimmerma...
💼🔍
#DFIR
Location: C:\Windows\Prefetch
Parsing tool: github.com/EricZimmerma...
💼🔍
#DFIR
November 15, 2024 at 7:13 AM
Prefetch files capture app execution data—timestamps, filenames, usage counts—and track accessed files/folders, offering insights into user activity and potential suspicious behavior.
Location: C:\Windows\Prefetch
Parsing tool: github.com/EricZimmerma...
💼🔍
#DFIR
Location: C:\Windows\Prefetch
Parsing tool: github.com/EricZimmerma...
💼🔍
#DFIR