Digital Forensics Tips&Tricks: Telegram IM-based RAT — Part I

[@nuclearwind]

Yes, you can do something useful, of course.
Buhtrap cyberteam were using a Teamviewer and PuntoSwitcher for their RAT. Does it mean that you do not need to know how to search and find these modules during the investigation?