SVCHost.exe and Internet Sharing Triage
Investigating suspicious svchost.exe behavior and Internet Connection Sharing during malware triage
Forensics Guides svchost malware forensics
Investigating suspicious svchost.exe behavior and Internet Connection Sharing during malware triage
Using Volatility 3 for memory forensics to analyze malware-infected systems