mirror of https://github.com/nganhkhoa/malware.git
synced 2024-06-10 21:32:07 +07:00
Update malware-analysis_ref_and_memo.md
parent 9b3bb06b03
commit 496cc6188f
@ -256,14 +256,17 @@ Injecition/Hollowingされたプロセスの自動検出<br>
RTFファイルからOLEパッケージオブジェクトを検出し、埋め込みファイルを抽出<br>
# C2 Analysis
- [C2MATRIX](https://www.thec2matrix.com/matrix)<br>
- オープンソースのC2フレームワークとその比較表
- [SpreadSheet](https://docs.google.com/spreadsheets/d/1b4mUxa6cDQuTV2BPC6aA-GR4zGZi0ooPYtBe4IgPsSc/edit#gid=0)
### Emotet
- [Emutet](https://github.com/d00rt/emotet_network_protocol)<br>
Emotetのc2通信部分のエミュレータ<br>
- Emotetのc2通信部分のエミュレータ<br>
### Ursnif
- Ursnif(version 2)のc2通信の仕組みと復号ツールについて<br>
[Writing Malware Traffic Decrypters for ISFB/Ursnif](https://labs.sentinelone.com/writing-malware-traffic-decrypters-for-isfb-ursnif/)
- [Writing Malware Traffic Decrypters for ISFB/Ursnif](https://labs.sentinelone.com/writing-malware-traffic-decrypters-for-isfb-ursnif/)
# Binary Analysis
### Unpacking
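Review bot: In the Emotet and Ursnif entries the description and the article link each appear twice, once as a bare line (`Emotetのc2通信部分のエミュレータ<br>`, `[Writing Malware Traffic Decrypters for ISFB/Ursnif](...)`) and once as a `- ` list item, so confirm that only the list-item form remains in the resulting file and that the old bare lines are gone. The trailing `<br>` is also inconsistent across the new list items: `- [C2MATRIX](...)<br>` and `- Emotetのc2通信部分のエミュレータ<br>` carry it while the two items that follow C2MATRIX do not. A Markdown list item already ends the line, so I would drop `<br>` from the list entries to keep the section uniform.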