mirror of
https://github.com/nganhkhoa/malware.git
synced 2024-06-10 21:32:07 +07:00
Update malware-analysis_ref_and_memo.md
This commit is contained in:
mether049
GitHub
parent
836c0ccd5d
commit
14607c03ab
@ -147,6 +147,15 @@ DFIR,マルウェア解析,OSINTに特化したUbuntuベースのディスト
|
|||||||
- RegShot
|
- RegShot
|
||||||
- RegistryChangesView
|
- RegistryChangesView
|
||||||
- CyberChef
|
- CyberChef
|
||||||
|
- wql
|
||||||
|
- wqlで子プロセスの検索
|
||||||
|
```
|
||||||
|
$procs=Start-Process "programname.exe" -PassThru
|
||||||
|
echo $procs.Id
|
||||||
|
$queryNameVersion="SELECT * FROM Win32_Process WHERE ParentProcessId=" + $procs.Id
|
||||||
|
$child_process=Get-WmiObject -Query $queryNameVersion
|
||||||
|
echo $child_process
|
||||||
|
```
|
||||||
|
|
||||||
### Online Sandbox
|
### Online Sandbox
|
||||||
|name|site|remarks|
|
|name|site|remarks|
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user