# malware
Malware-related notes (investigation and analysis results, tools, analysis methods, etc.)

- [Malware techniques (reference & memo)](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md)
  - [Anti-analysis/detection](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#anti-analysis)
  - [Injection/Hollowing](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#injectionhollowing)
  - [Heaven's Gate](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#heavens-gate)
  - [API obfuscation](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#api-obfuscation)
  - [PowerShell Script obfuscation](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#powershell-script-obfuscation)
  - [Living Off The Land (LOL)](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#living-off-the-landlol)
  - [DGA](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#dga)
  - [Fast Flux](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#fast-flux)
  - [DNS Tunneling](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#dns-tunneling)
  - [Using SSL/TLS](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#using-ssltls)
  - [Packing](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#packing)
  - [Anti-Unpacking](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#anti-unpacking)
  - [Mutex](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#mutex)
  - [Poisoning CRT Library](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#poisoning-crt-library)
  - [Persistence](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#persistence-1)
  - [Registry](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#registry)
  - [Startup Folder](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#starup-folder)
  - [Gathering Information](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#gathering-information)
  - [Public IP address](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#public-ip-address)
  - [Delete Data](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#delete-data)
  - [Delete Volume Shadow](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#delete-volume-shadow)
  - [maldoc](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#maldoc)
  - [Obfuscation/Encryption](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#obfuscationencryption)
  - [VBA Stomping](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#vba-stomping)
  - [Malicious JavaScript](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#malicious-javascript)
  - [Shell Backdoor](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#shell-backdoor)
  - [rootkit](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#rootkit)
  - [LKM rootkit](https://github.com/mether049/malware/blob/master/malware-tech_ref_and_memo.md#lkm-rootkit)
- [Malware analysis method (reference & memo)](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md)
  - [Tools](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#tools)
  - [VM/OS](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#osvm)
  - [Static Analysis and Debug tools](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#static-analysis-and-debug-tools)
  - [Tracer](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#tracer)
  - [Instrumentation](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#instrumentation)
  - [Traffic Analysis tools](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#traffic-analysis-tools)
  - [Forensic](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#forensic)
  - [Threat hunting](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#threat-hunting)
  - [.NET analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#net-analysis)
  - [Utilities](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#utilities)
  - [Online Sandbox](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#online-sandbox)
  - [Unpacker/Decryptor/Decoder/Extractor/Memory Scanner](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#unpackerdecryptordecoderextractormemory-scanner)
  - [PDF Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#pdf-analysis)
  - [Document file Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#docment-file-analysis)
  - [JavaScript Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#javascript-analysis)
  - [Other various file Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#other-various-file-analysis)
  - [lnk file](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#lnk-file)
  - [C2 Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#c2-analysis)
  - [Emotet](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#emotet)
  - [Ursnif](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#ursnif)
  - [Binary Analysis](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#binary-analysis)
  - [Unpacking](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#unpacking)
  - [Microsoft Windows Library](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#microsoft-windows-library)
  - [Perspective](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#perspective)
  - [Windows OS](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#windows-os)
  - [Windows Command](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#windows-command)
  - [Training Material](https://github.com/mether049/malware/blob/master/malware-analysis_ref_and_memo.md#training-material)
- [Emotet](https://github.com/mether049/malware/tree/master/Emotet)
- [Trickbot](https://github.com/mether049/malware/tree/master/Trickbot)
- [Maldoc used by TA505]()
- Knowledge
  - [Identification of Hollowed out processes](https://github.com/mether049/malware/blob/master/detecting_ph_process.md)