From 4370ce7a7e9d0abb501f4bd4455d26d37c6b5f3b Mon Sep 17 00:00:00 2001 From: mether049 Date: Fri, 14 Feb 2020 00:53:02 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index 5cf1e73..a34a1f7 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -211,6 +211,8 @@ Injecition/Hollowingされたプロセスの自動検出
> - Image Load Operations
> - Kernel Audit APIs usage
> - etc.
+- [Bisonal Analysis Utils](https://www.nttsecurity.com/docs/librariesprovider3/resources/Japan/bisonal-utils) + - Bisonalに含まれる文字列のデコード,通信の復号,yaraルール # Doc Analysis