mirror of
https://github.com/nganhkhoa/malware.git
synced 2024-06-10 21:32:07 +07:00
Update malware-tech_ref_and_memo.md
parent
64c0abc951
commit
12c4ec0962
@ -13,7 +13,7 @@
### Dll Injection
- 正規プロセス探索->プロセスのハンドル取得->メモリ領域確保->悪性DLL注入->実行
- e.g. CreateToolhelp32Snapshot,Process32First,Process32Next->OpenProcess->VirtualAllocEx->WriteProcessMemory->CreateRemoteThread
- e.g. CreateToolhelp32Snapshot,Process32First,Process32Next->OpenProcess->VirtualAllocEx->WriteProcessMemory->CreateRemoteThread<br>
[07b8f25e7b536f5b6f686c12d04edc37e11347c8acd5c53f98a174723078c365](https://www.virustotal.com/gui/file/07b8f25e7b536f5b6f686c12d04edc37e11347c8acd5c53f98a174723078c365/detection)
### Thread Execution Hijacking
- 正規プロセス,スレッド探索->スレッドのハンドル取得->スレッド停止->メモリ領域確保->悪性コード注入->EIP書き換え->実行
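Review bot: the `<br>` appended to the changed "e.g." line under "### Dll Injection" only works because the VirusTotal link on the next line is an unindented lazy continuation of that bullet, so the layout depends on the renderer passing inline HTML through. Consider making the sample reference its own indented sub-item with a short label (for example `  - sample: [07b8f25e…](…)`), which keeps it attached to the API chain it illustrates without raw HTML. The bare SHA-256 as link text also gives no hint of what the sample is or which step of the CreateToolhelp32Snapshot … CreateRemoteThread sequence it demonstrates; a few words of description next to the hash would make the memo usable without opening the link.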