Windows memory image analysis with Belkasoft Evidence Center

In the previous recipes, we successfully created two memory forensic images, one with Belkasoft Live RAM Capturer, and the other with DumpIt. Now it's time to perform analysis. Let's start from the first image and use Belkasoft Evidence Center for analysis.

Belkasoft Evidence Center is a powerful digital forensics tool, capable of parsing data not only from memory images, but also from images of computer drives and mobile devices. From a memory dump, it can extract valuable artifacts such as remnants of communications via social networks, messengers, chat rooms, webmail systems, data from cloud services, web-browsing artifacts, and so on.