mirror of
https://github.com/nganhkhoa/malware.git
synced 2024-06-10 21:32:07 +07:00
Update malware-analysis_ref_and_memo.md
This commit is contained in:
mether049
GitHub
parent
ff5998398b
commit
e33f2de0f1
@ -375,8 +375,26 @@ Injecition/Hollowingされたプロセスの自動検出<br>
|
|||||||
- [PowerShell Core(PowerShell 7+)](https://docs.microsoft.com/ja-jp/powershell/scripting/install/installing-powershell-core-on-windows?view=powershell-7)
|
- [PowerShell Core(PowerShell 7+)](https://docs.microsoft.com/ja-jp/powershell/scripting/install/installing-powershell-core-on-windows?view=powershell-7)
|
||||||
- [LibreOffice](https://ja.libreoffice.org/)
|
- [LibreOffice](https://ja.libreoffice.org/)
|
||||||
- ref:
|
- ref:
|
||||||
- [vbastomp.com](https://vbastomp.com/)
|
- [vbastomp.com](https://vbastomp.com/)
|
||||||
- [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf)
|
- [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf)
|
||||||
|
- vba memo
|
||||||
|
- Using WScript.Shell
|
||||||
|
```
|
||||||
|
Dim wsh As New WshShell
|
||||||
|
or
|
||||||
|
Dim wsh As Object
|
||||||
|
Set wsh = CreateObject("Wscript.Shell")
|
||||||
|
```
|
||||||
|
- StateMent
|
||||||
|
- Call
|
||||||
|
- dllを呼び出せる
|
||||||
|
- プロシージャを呼び出す
|
||||||
|
- `Call name [argumentlist]`
|
||||||
|
- Function
|
||||||
|
- [Commmand](https://docs.microsoft.com/ja-jp/office/vba/language/reference/user-interface-help/command-function)
|
||||||
|
- コマンドライン引数を取得
|
||||||
|
- [ExecuteExcel4Macro](https://docs.microsoft.com/ja-jp/office/vba/api/excel.application.executeexcel4macro)
|
||||||
|
- Excel4.0のマクロを実行
|
||||||
|
|
||||||
# JavaScript Analysis
|
# JavaScript Analysis
|
||||||
- **[JS Beautify](https://github.com/beautify-web/js-beautify)**
|
- **[JS Beautify](https://github.com/beautify-web/js-beautify)**
|
||||||
|
|||||||
Loading…
Reference in New Issue
Block a user