adding reference malware

Amanda Rousseau
2017-03-20 16:13:37 -07:00
parent fdd752e7ef
commit 412620b842

@@ -135,13 +135,13 @@ Example: Dll Search Order Hijacking
* Dll Side Loading * Dll Side Loading
* Masquerading * Masquerading
* Process Hallowing * Process Hallowing
* Code Injection
### Example Malware ### Example Malware
| Name | Hash | Link | | Name | Hash | Link |
| --- | --- | --- | | --- | --- | --- |
| mimikatz | b4d7bfcfb8f85c4d2fb8cb33c1d6380e5b7501e492edf3787adee42e29e0bb25 | [virustotal](https://www.virustotal.com/en/file/b4d7bfcfb8f85c4d2fb8cb33c1d6380e5b7501e492edf3787adee42e29e0bb25/analysis/) | | darkcomet backdoor | 1be0ca062facda59239cc5621d0a3807a84ed7d39377041489b09d3870958fee | [virustotal](https://www.virustotal.com/en/file/1be0ca062facda59239cc5621d0a3807a84ed7d39377041489b09d3870958fee/analysis/) |
[Goto Top^](#techniques-overview) [Goto Top^](#techniques-overview)
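Review bot: The Example Malware row in this hunk, as rendered, replaces the mimikatz entry with "darkcomet backdoor" rather than adding to it, while the commit message says "adding reference malware". If the replacement is intended, say so in the commit message; otherwise keep the mimikatz row and append the darkcomet row below it. Separately, the context bullet "Process Hallowing" is a misspelling of "Process Hollowing" and could be corrected while this list is being touched.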
@@ -179,6 +179,14 @@ Credential theft
* Enable an adversary to access and control remote systems on a network and could * Enable an adversary to access and control remote systems on a network and could
### Example Malware
| Name | Hash | Link |
| --- | --- | --- |
| winmail.dat^QGIS-KOMIT .zip^QGIS-KOMIT .exe | c0f38384dd6c1536a0e19100b8d82759e240d58ed6ba50b433e892e02e819ebb | [virustotal](https://www.virustotal.com/en/file/c0f38384dd6c1536a0e19100b8d82759e240d58ed6ba50b433e892e02e819ebb/analysis/) |
[Goto Top^](#techniques-overview) [Goto Top^](#techniques-overview)
--- ---
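Review bot: The Name cell of the added row, "winmail.dat^QGIS-KOMIT .zip^QGIS-KOMIT .exe", reads as a caret-separated chain of container and file names rather than a malware name, unlike the other tables in this commit ("keylogger", "backdoor"). Suggest a short descriptive name in the Name column and, if the winmail.dat / .zip / .exe nesting is the point of the example, a sentence under the table explaining it.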
@@ -198,6 +206,12 @@ Credential theft
* Identify and gather information, such as sensitive files, from a target network prior to exfiltration * Identify and gather information, such as sensitive files, from a target network prior to exfiltration
### Example Malware
| Name | Hash | Link |
| --- | --- | --- |
| keylogger | 5d5c01d72216410767d089a3aabddf7fdbe3b88aff3b51b6d32280c3439038fa | [virustotal](https://www.virustotal.com/en/file/5d5c01d72216410767d089a3aabddf7fdbe3b88aff3b51b6d32280c3439038fa/analysis/) |
[Goto Top^](#techniques-overview) [Goto Top^](#techniques-overview)
--- ---
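Review bot: The "Hash" header of the added table does not say which digest algorithm is used. The value is 64 hex characters, which matches the length of a SHA-256 digest; renaming the column to "SHA-256" here and in the other Example Malware tables would let a reader look the sample up by the right hash type without guessing.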
@@ -216,6 +230,14 @@ Credential theft
* Communicate with systems under their control * Communicate with systems under their control
### Example Malware
| Name | Hash | Link |
| --- | --- | --- |
| backdoor | 02fc2d262cb0d5e9d3e8202ea69013c5c8cc197685c73c0689cbeb243d508e76 | [virustotal](https://www.virustotal.com/en/file/02fc2d262cb0d5e9d3e8202ea69013c5c8cc197685c73c0689cbeb243d508e76/analysis/) |
[Goto Top^](#techniques-overview) [Goto Top^](#techniques-overview)
[x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Section 3](https://securedorg.github.io/RE101/section3) [x86 Assembly <- Back](https://securedorg.github.io/RE101/section1.3) | [Next -> Section 3](https://securedorg.github.io/RE101/section3)
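Review bot: The added row is named only "backdoor", which does not identify the sample apart from its hash, while the first table in this commit uses a family name ("darkcomet backdoor"). Suggest using the family name here as well if it is known, or adding a short note saying which item from the bullet list above the sample is meant to illustrate.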