From 060163d9c2c343d6e5b35e6df99c1964e7b56fc3 Mon Sep 17 00:00:00 2001
From: mether049 <cstt17009@g.nihon-u.ac.jp>
Date: Tue, 30 Jun 2020 20:23:48 +0900
Subject: [PATCH] Update malware-analysis_ref_and_memo.md

---
 malware-analysis_ref_and_memo.md | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md
index d9fd182..12bc447 100644
--- a/malware-analysis_ref_and_memo.md
+++ b/malware-analysis_ref_and_memo.md
@@ -357,6 +357,8 @@ Injecition/Hollowingされたプロセスの自動検出<br>
     - IcedIDのconfig extractor
 - **[CobaltStrikeParser](https://github.com/Sentinel-One/CobaltStrikeParser)**
     - CobaltStrikeのconfig Parser
+- **[De-crypting a TrickBot Crypter](https://zero2auto.com/2020/06/22/decrypting-trickbot-crypter/)**
+    - Trickbotの復号に関する記事
 
 
 # PDF Analysis