From beca70fc079111d6680dbf6b49f3ecd96628ba59 Mon Sep 17 00:00:00 2001 From: mether049 Date: Sun, 16 Feb 2020 23:59:20 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index 4abbf79..a516fcc 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -129,7 +129,10 @@ DFIR,マルウェア解析,OSINTに特化したUbuntuベースのディスト |yarascan|〇| python vol.py -f zeus.vmem yarascan --yara-file=/path/to/rules.yar||| |[malconfscan](https://github.com/JPCERTCC/MalConfScan)|-|python vol.py malconfscan -f images.mem --profile=Win7SP1x64|マルウェアのコンフィグ情報の抽出,cuckooと組み合わせることが可能|[wiki](https://github.com/JPCERTCC/MalConfScan/wiki)| |[malstrscan](https://github.com/JPCERTCC/MalConfScan)|-|python vol.py malstrscan -a -f images.mem --profile=Win7SP1x64||| - + + - [Hexinator](https://hexinator.com/) + - バイナリエディタ + - grammer ### Threat hunting - EQL
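Review bot: the last added bullet, `- grammer`, is misspelled and too terse to tell a reader what it refers to; spell it `grammar` and state what the grammar is in relation to Hexinator, in the same way the `バイナリエディタ` bullet above it describes the tool. The new Hexinator list is also added directly under the Volatility plugin table rows (yarascan, malconfscan, malstrscan) with no heading of its own, so a binary editor reads as part of that table's section; put it under a heading for editors or tools of that kind. As the hunk stands, `### Threat hunting` appears to follow the `- grammer` bullet with no blank line between them, because the removed blank line is re-added above the list rather than below it; keep an empty line before the heading. The subject "Update malware-analysis_ref_and_memo.md" does not say what changed; naming the Hexinator addition would make the history easier to search.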