nganhkhoa/mether049-malware
1
0
Fork 0
mirror of https://github.com/nganhkhoa/malware.git synced 2024-06-10 21:32:07 +07:00
Code Issues Projects Releases Wiki Activity

Update malware-tech_ref_and_memo.md

Browse Source
This commit is contained in:
mether049 2020-03-07 00:04:11 +09:00 committed by GitHub
parent 52cdc346ad
commit f25d167dde
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 3 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
malware-tech_ref_and_memo.md
View File

@ -1,6 +1,9 @@
# Anti-analysis/detection
- Anti-analysisに利用されるAPIファイル名プロセス名dllレジストリ等の一覧まとめ<br>
[Collection of Anti-Malware Analysis Tricks.(2016-10)](https://forum.tuts4you.com/topic/38931-collection-of-anti-malware-analysis-tricks/)
- マルウェアが使用する各検知回避テクニックについてのまとめ<br>
[Evasion techniques,checkpoint,2020](https://evasions.checkpoint.com/)
## Injection/Hollowing
- 正規プロセス等のアドレス空間にコードを注入することで検知や分析を妨害するTechnique
- 利用される正規プロセスsvchost.exe,explorer.exe,regsvr32.exe,etc.