1
0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00

Update malware-analysis_ref_and_memo.md

This commit is contained in:
mether049 2020-03-22 23:55:24 +09:00 committed by GitHub
parent 27576ce16d
commit 76a1114d0e
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -374,6 +374,8 @@ Injecition/Hollowingされたプロセスの自動検出<br>
- [.NET Core](https://docs.microsoft.com/ja-jp/dotnet/core/install/linux-package-manager-ubuntu-1604) - [.NET Core](https://docs.microsoft.com/ja-jp/dotnet/core/install/linux-package-manager-ubuntu-1604)
- [PowerShell Core(PowerShell 7+)](https://docs.microsoft.com/ja-jp/powershell/scripting/install/installing-powershell-core-on-windows?view=powershell-7) - [PowerShell Core(PowerShell 7+)](https://docs.microsoft.com/ja-jp/powershell/scripting/install/installing-powershell-core-on-windows?view=powershell-7)
- [LibreOffice](https://ja.libreoffice.org/) - [LibreOffice](https://ja.libreoffice.org/)
- **exiftool**
- HyperLinkBabse等のプロパティにコマンド等が格納されているケースもある
- ref: - ref:
- [vbastomp.com](https://vbastomp.com/) - [vbastomp.com](https://vbastomp.com/)
- [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf) - [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf)