mirror of
https://github.com/nganhkhoa/malware.git
synced 2024-06-10 21:32:07 +07:00
Update malware-analysis_ref_and_memo.md
parent
836c0ccd5d
commit
14607c03ab
@ -147,6 +147,15 @@ DFIR,マルウェア解析,OSINTに特化したUbuntuベースのディスト
|
||||
- RegShot
|
||||
- RegistryChangesView
|
||||
- CyberChef
|
||||
- wql
|
||||
- wqlで子プロセスの検索
|
||||
```
|
||||
$procs=Start-Process "programname.exe" -PassThru
|
||||
echo $procs.Id
|
||||
$queryNameVersion="SELECT * FROM Win32_Process WHERE ParentProcessId=" + $procs.Id
|
||||
$child_process=Get-WmiObject -Query $queryNameVersion
|
||||
echo $child_process
|
||||
```
|
||||
|
||||
### Online Sandbox
|
||||
|name|site|remarks|
|
||||
|
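Review bot: The single query in the added PowerShell block, `$child_process=Get-WmiObject -Query $queryNameVersion`, is a point-in-time snapshot taken right after `Start-Process`, so it returns only direct children that are alive at that instant. A child that the launched program starts and exits quickly, one started later, or any grandchild will not appear in `$child_process`. The memo should say so next to the snippet, or run the query in a loop while the parent is alive. `Get-WmiObject` is also not available in PowerShell 6 and later; `Get-CimInstance -ClassName Win32_Process -Filter "ParentProcessId=$($procs.Id)"` is available in Windows PowerShell 3.0 and later and in PowerShell 7 on Windows, and it removes the string concatenation. Smaller points: the name `$queryNameVersion` does not describe a parent-PID query, `$procs` holds a single process so a singular name would read better, and the list entry `- wql` would normally be written `WQL`.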