nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-analysis_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-07-05 23:35:07 +09:00 committed by GitHub
parent fa0f0fb9b9
commit abeb8b57d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
malware-analysis_ref_and_memo.md
View File

@ -304,7 +304,7 @@ echo $child_process
|MalwareConifg|https://malwareconfig.com/|特定マルウェアからconfig情報を抽出| |MalwareConifg|https://malwareconfig.com/|特定マルウェアからconfig情報を抽出|
|anlyz.io|https://sandbox.anlyz.io/dashboard|| |anlyz.io|https://sandbox.anlyz.io/dashboard||
### Unpacker/Decryptor/Decoder/Extractor/Memory Scanner ### Unpacker/Decryptor/Decoder/Extractor/Memory Scannerh/Deofuscator
- **[TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker)<br>** - **[TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker)<br>**
攻撃者グループTA505が利用するマルウェア(GetandGoDll, Silence, TinyMet, Azorult, KBMiner, etc.)の静的アンパッカー<br> 攻撃者グループTA505が利用するマルウェア(GetandGoDll, Silence, TinyMet, Azorult, KBMiner, etc.)の静的アンパッカー<br>
- **[Trickbot artifact decrypter](https://github.com/snemes/malware-analysis/tree/master/trickbot)<br>** - **[Trickbot artifact decrypter](https://github.com/snemes/malware-analysis/tree/master/trickbot)<br>**
@ -361,6 +361,8 @@ Injecition/Hollowingされたプロセスの自動検出<br>
- CobaltStrikeのconfig Parser - CobaltStrikeのconfig Parser
- **[De-crypting a TrickBot Crypter](https://zero2auto.com/2020/06/22/decrypting-trickbot-crypter/)** - **[De-crypting a TrickBot Crypter](https://zero2auto.com/2020/06/22/decrypting-trickbot-crypter/)**
- Trickbotの復号に関する記事 - Trickbotの復号に関する記事
- **[de4dot](https://github.com/0xd4d/de4dot)**
- .NET系のDeofuscatorおよびUnpacker
# PDF Analysis # PDF Analysis