You are browsing the archive for Forensic Riddles.

Forensic Riddle #12

July 4, 2012 in Forensic Riddles

Most Windows APIs accepting strings as parameters are described on MSDN as FooBar and if they support ANSI/Unicode versions they refer to FooBarA, FooBarW e.g. CreateFile points to CreateFileA for […]

Forensic Riddle #11

April 27, 2012 in Forensic Riddles

It’s been a while since I posted a riddle, so here is a new one – this should be an easy one: Two different Windows executables have been executed on […]