1
0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00

Update malware-analysis_ref_and_memo.md

This commit is contained in:
mether049 2020-07-05 23:35:07 +09:00 committed by GitHub
parent fa0f0fb9b9
commit abeb8b57d9
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -304,7 +304,7 @@ echo $child_process
|MalwareConifg|https://malwareconfig.com/|特定マルウェアからconfig情報を抽出|
|anlyz.io|https://sandbox.anlyz.io/dashboard||
### Unpacker/Decryptor/Decoder/Extractor/Memory Scanner
### Unpacker/Decryptor/Decoder/Extractor/Memory Scannerh/Deofuscator
- **[TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker)<br>**
攻撃者グループTA505が利用するマルウェア(GetandGoDll, Silence, TinyMet, Azorult, KBMiner, etc.)の静的アンパッカー<br>
- **[Trickbot artifact decrypter](https://github.com/snemes/malware-analysis/tree/master/trickbot)<br>**
@ -361,6 +361,8 @@ Injecition/Hollowingされたプロセスの自動検出<br>
- CobaltStrikeのconfig Parser
- **[De-crypting a TrickBot Crypter](https://zero2auto.com/2020/06/22/decrypting-trickbot-crypter/)**
- Trickbotの復号に関する記事
- **[de4dot](https://github.com/0xd4d/de4dot)**
- .NET系のDeofuscatorおよびUnpacker
# PDF Analysis