mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00

Update malware-tech_ref_and_memo.md

This commit is contained in:
mether049 2020-07-12 23:18:38 +09:00 committed by GitHub
parent 6acbf7ffee
commit 02da2c173a
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -464,12 +464,22 @@ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\StartUp
dig whoami.akamai.net @ns1-1.akamaitech.net dig whoami.akamai.net @ns1-1.akamaitech.net
``` ```
# Delete Data # Deleting, Disabling, Exiting, Killing, Terminating
## Delete Volume Shadow ## Delete Volume Shadow
- ランサムウェアはバックアップからの復元を防ぐためにvolume shadowを削除することが多い - ランサムウェアはバックアップからの復元を防ぐためにvolume shadowを削除することが多い
``` ```
vssadmin Delete Shadows /All /Quiet vssadmin Delete Shadows /All /Quiet
``` ```
## Delete Service
```
sc delete
```
## Kill Task
```
taskkill -f -im
```
## Terminate Process
- TerminateProcess APIの使用
# maldoc # maldoc
## Obfuscation/Encryption ## Obfuscation/Encryption
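Review bot: The new "## Delete Service" and "## Kill Task" entries record `sc delete` and `taskkill -f -im` with no argument placeholder and no description line, so a reader cannot tell what the command is applied to or why it is listed. The existing "## Delete Volume Shadow" entry has a one-line explanation above its command; the new entries should follow the same pattern, for example `sc delete <service name>` and `taskkill -f -im <image name>`, each with a short bullet on what the behaviour indicates when seen in a sample. "## Terminate Process" has only a single bullet naming the TerminateProcess API and would benefit from the same kind of context. The section heading is also widened to "Deleting, Disabling, Exiting, Killing, Terminating", but nothing in this hunk covers "Disabling" or "Exiting"; either add those entries or narrow the heading to what the section contains.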