From c0485a91ccbf8c470ac3a5ec49aa2f9e64504c11 Mon Sep 17 00:00:00 2001 From: mether049 Date: Sun, 4 Oct 2020 00:33:01 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index 85423ff..0f0eafe 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -547,6 +547,8 @@ Injecition/Hollowingされたプロセスの自動検出
- exiftoolでもパース可能 - [[MS-SHLLINK]: Shell Link (.LNK) Binary File Format](https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-shllink/16cb4ca1-9339-4d0c-a68d-bf1d6cc0f943?redirectedfrom=MSDN) - .lnkファイルのバイナリフォーマット +- **[LECmd.exe](https://github.com/EricZimmerman/LECmd )** +- **[lp.exe](https://tzworks.net/prototype_page.php?proto_id=11)** # C2 Analysis - **[C2MATRIX](https://www.thec2matrix.com/matrix)
**
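Review bot: The added LECmd.exe line has a stray space inside the link target, `(https://github.com/EricZimmerman/LECmd )`; remove the space before the closing parenthesis so the destination is exactly the repository URL. Both added entries also lack the descriptive sub-bullet that the neighbouring context lines carry (the MS-SHLLINK entry is followed by a note that it covers the .lnk binary format), so a one-line sub-bullet under each saying what the tool is used for in this .lnk section would keep the list consistent. The subject "Update malware-analysis_ref_and_memo.md" only repeats the file name; naming the two added tools would make the history searchable.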