1
0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00

Update malware-analysis_ref_and_memo.md

This commit is contained in:
mether049 2020-03-21 00:28:35 +09:00 committed by GitHub
parent ff5998398b
commit e33f2de0f1
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23

View File

@ -377,6 +377,24 @@ Injecition/Hollowingされたプロセスの自動検出<br>
- ref:
- [vbastomp.com](https://vbastomp.com/)
- [Advanced VBA Macros Attack&Defence,BHEU2019](https://www.decalage.info/files/eu-19-Lagadec-Advanced-VBA-Macros-Attack-And-Defence.pdf)
- vba memo
- Using WScript.Shell
```
Dim wsh As New WshShell
or
Dim wsh As Object
Set wsh = CreateObject("Wscript.Shell")
```
- StateMent
- Call
- dllを呼び出せる
- プロシージャを呼び出す
- `Call name [argumentlist]`
- Function
- [Commmand](https://docs.microsoft.com/ja-jp/office/vba/language/reference/user-interface-help/command-function)
- コマンドライン引数を取得
- [ExecuteExcel4Macro](https://docs.microsoft.com/ja-jp/office/vba/api/excel.application.executeexcel4macro)
- Excel4.0のマクロを実行
# JavaScript Analysis
- **[JS Beautify](https://github.com/beautify-web/js-beautify)**