%0 Journal Article
%T Security and Forensic Analysis of the RAM of a Computer Infected by a Malware
%A Yanogo Kiswendsida Jean Hermann
%A Djibo Moumouni
%A Kahoun Zita Phillipe
%A Nabollé
%A Rachid Gaetan
%A Diberot Cidjeu
%A Gé
%A rald Yirga
%A Ouedraogo Tounwendyam Frederic
%J World Journal of Nano Science and Engineering
%P 1-12
%@ 2161-4962
%D 2025
%I Scientific Research Publishing
%R 10.4236/wjnse.2025.151001
%X Our world is increasingly immersed in technology, and malware poses a formidable threat. Malware exploits security vulnerabilities (on a large scale), causing enormous financial losses and the compromise of vital information for many businesses, individuals and government institutions. To counter these attacks, forensic malware analysis is crucial. This research focuses on analyzing the RAM of computers infected with a virus. The goal of this research is to enable digital investigators to better understand malware behavior and implement effective solutions to analyze compromised computers. The research question is how IT professionals can better analyze infected computers by using the right method. This work uses tools such as LiME and Volatility and secure environments such as CSI Linux and Tsurugi Linux. In this research we identify suspicious running processes, as well as suspicious active network connections. The results show characteristic alterations, such as changes in system processes or unusual memory access patterns, aligned with known virus techniques. Forensic analysis of network connections shows that the virus established outbound connections to command and control (C&C) servers to receive instructions and send encrypted data; this was determined by identifying communications to suspicious IP addresses and ports associated with the C&C servers. This research is crucial because behavioral analysis of malware contributes to the development of more effective mitigation techniques, thereby reducing the risk of infection. Additionally, this research can be valuable for designing malware decryption tools, providing an opportunity for data recovery after a file encryption attack.
%K Forensic
%K RAM
%K CSI Linux
%K Virus
%K Tsurugi
%K Volatility
%K LiME
%U http://www.scirp.org/journal/PaperInformation.aspx?PaperID=143789