diff --git a/malware-tech_ref_and_memo.md b/malware-tech_ref_and_memo.md index 65a3882..50dc0ef 100644 --- a/malware-tech_ref_and_memo.md +++ b/malware-tech_ref_and_memo.md @@ -92,7 +92,18 @@ to do... [The 0x33 Segment Selector (Heavens Gate)](https://www.malwaretech.com/2014/02/the-0x33-segment-selector-heavens-gate.html)
## API obfuscation -[A Museum of API Obfuscation on Win32](http://eval.symantec.com/mktginfo/enterprise/media/security_response/whitepapers/a_museum_of_api_obfuscation_on_win32.pdf)
+[A Museum of API Obfuscation on Win32](https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/a_museum_of_api_obfuscation_on_win32.pdf)
+### Using GetProcAddress and GetModulehandleA +- GetProcAddressを利用して呼び出したいAPIのアドレスを動的に解決する +- GetProcAddressの引数は第一引数に対象dllのハンドルを指定(i.e. GetModuleHandleA("kernel32.dll"))し,第二引数にdllから呼び出したいAPI名を指定 +``` +FARPROC GetProcAddress( + HMODULE hModule, + LPCSTR lpProcName +); +``` + + ## PowerShell Script obfuscation - 難読化ツール
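Review bot: The new heading spells the function "GetModulehandleA" (lowercase "h") while the bullet below uses the correct Win32 name GetModuleHandleA; fix the heading so it matches the API name and stays searchable. Two smaller points in the same hunk: the prototype fence is untagged, so use "```c" to match the C declaration it contains; and the second bullet could add that lpProcName may also be an ordinal value (the low-order word holds the ordinal, the high-order word is zero), since that variant is what an import-table scanner or string-based detector will not see when the API name never appears in the binary. It would also help readers of this reference to state in one line why this belongs under "API obfuscation": resolving the address at runtime keeps the API out of the static import table, so static import analysis alone misses it. Finally, the two trailing "+" blank lines before "## PowerShell Script obfuscation" leave a double blank; one is enough for the rest of the file.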