SVCHost.exe and Internet Sharing Triage
Investigating suspicious svchost.exe behavior and Internet Connection Sharing during malware triage
Forensics Guides svchost malware forensics
Disclaimer: All research and opinions expressed here are my own and are independent of any employer or organisation.
Investigating suspicious svchost.exe behavior and Internet Connection Sharing during malware triage
Using Volatility 3 for memory forensics to analyze malware-infected systems