静态恶意代码逃逸学习 | CTF导航
Tags
| attack-pattern: | Data |
Common Information
| Type | Value |
|---|---|
| UUID | b82dabd6-142a-4d8a-8030-2f3591bd20f6 |
| Fingerprint | 2f60a028e44cf02e |
| Analysis status | DONE |
| Considered CTI value | -2 |
| Text language | |
| Published | Oct. 1, 2024, midnight |
| Added to db | Oct. 18, 2024, 10:31 a.m. |
| Last updated | Nov. 17, 2024, 7:44 p.m. |
| Headline | 静态恶意代码逃逸学习 |
| Title | 静态恶意代码逃逸学习 | CTF导航 |
| Detected Hints/Tags/Attributes | 16/1/9 |
Source URLs
| Redirection | Url | |
|---|---|---|
| Details | Source | https://www.ctfiot.com/210646.html |
URL Provider
RSS Feed
| Details | Id | Enabled | Feed title | Url | Added to db |
|---|---|---|---|---|---|
| Details | 426 | ✔ | CTF导航 | https://www.ctfiot.com/feed | 2024-08-30 22:08 |
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 4127 | github.com |
|
| Details | Domain | 281 | docs.microsoft.com |
|
| Details | File | 44 | payload.bin |
|
| Details | File | 1 | args.raw |
|
| Details | File | 1 | xor_shellcoder.py |
|
| Details | File | 15 | out.bin |
|
| Details | Github username | 1 | rvn0xsy |
|
| Details | Url | 1 | https://github.com/rvn0xsy/cooolis-ms |
|
| Details | Url | 1 | https://docs.microsoft.com/zh-cn/windows/win32/api/winbase/nf-winbase-createnamedpipea |