From ecf42b24ec6d638bc4c3bbc6642e2ecdbe5c56b3 Mon Sep 17 00:00:00 2001 From: mether049 Date: Wed, 22 Jan 2020 23:53:47 +0900 Subject: [PATCH] Update malware-analysis_ref_and_memo.md --- malware-analysis_ref_and_memo.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/malware-analysis_ref_and_memo.md b/malware-analysis_ref_and_memo.md index aedb35e..71b6da1 100644 --- a/malware-analysis_ref_and_memo.md +++ b/malware-analysis_ref_and_memo.md @@ -91,9 +91,11 @@ |Yomi Sandbox|https://yomi.yoroi.company/upload|| |UnpacMe|https://www.unpac.me/#/|online unpacker,beta| -### Unpacker +### Unpacker/Decryptor - 攻撃者グループTA505が利用するマルウェア(GetandGoDll, Silence, TinyMet, Azorult, KBMiner, etc.)の静的アンパッカー
[TAFOF-Unpacker](https://github.com/Tera0017/TAFOF-Unpacker) +- Trickbotのartifactを取得するためのdecrypter +[Trickbot artifact decrypter](https://github.com/snemes/malware-analysis/tree/master/trickbot) # Doc Analysis - VBA マクロの解析についての資料