diff --git a/malware-tech_ref_and_memo.md b/malware-tech_ref_and_memo.md
index 65a3882..50dc0ef 100644
--- a/malware-tech_ref_and_memo.md
+++ b/malware-tech_ref_and_memo.md
@@ -92,7 +92,18 @@ to do...
[The 0x33 Segment Selector (Heavens Gate)](https://www.malwaretech.com/2014/02/the-0x33-segment-selector-heavens-gate.html)
## API obfuscation
-[A Museum of API Obfuscation on Win32](http://eval.symantec.com/mktginfo/enterprise/media/security_response/whitepapers/a_museum_of_api_obfuscation_on_win32.pdf)
+[A Museum of API Obfuscation on Win32](https://www.symantec.com/content/en/us/enterprise/media/security_response/whitepapers/a_museum_of_api_obfuscation_on_win32.pdf)
+### Using GetProcAddress and GetModulehandleA
+- GetProcAddressを利用して呼び出したいAPIのアドレスを動的に解決する
+- GetProcAddressの引数は第一引数に対象dllのハンドルを指定(i.e. GetModuleHandleA("kernel32.dll"))し,第二引数にdllから呼び出したいAPI名を指定
+```
+FARPROC GetProcAddress(
+ HMODULE hModule,
+ LPCSTR lpProcName
+);
+```
+
+
## PowerShell Script obfuscation
- 難読化ツール