ch0ic3/CyberThreatIntel
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Update Analysis_2020-02-08.md

Browse Source
This commit is contained in:
StrangerealIntel 2020-02-13 13:31:30 +01:00 committed by GitHub
parent daac306637
commit 0753d8c441
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
Additional Analysis/Neutrino/Analysis_2020-02-08.md
View File

@ -77,7 +77,7 @@ Sub AddSpace()
End Sub
```
<h6> The first two functions used by the macro are for encoded and decode in base 64 in using multiples interations of the data.</h6>
<h6> The first two functions used by the macro are for encoded and decode in base 64 in using multiples interations of the data. This code can be seen in a post of a code forum seven years ago (cf links).</h6>
``` VBA
Public Function Encode64(sString As String) As String
@ -438,7 +438,7 @@ Path: C:\Users\admin\AppData\Roaming\Z0BAZwxx\{Filename}
|Defense Evasion|Disabling Security Tools|https://attack.mitre.org/techniques/T1089/|
|Discovery|Query Registry<br>System Information Discovery|https://attack.mitre.org/techniques/T1012/<br>https://attack.mitre.org/techniques/T1082/|
<h6> This can be exported as JSON format <a href="https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/Additional%20Analysis/Neutrino/Json/TTPs.json"></a></h6>
<h6> This can be exported as <a href="https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/Additional%20Analysis/Neutrino/Json/TTPs.json">JSON</a>format</h6>
<h2>Yara Rules<a name="Yara"></a></h2>
<h6> YARA Rules are available <a href="https://github.com/StrangerealIntel/CyberThreatIntel/blob/master/Additional%20Analysis/Neutrino/Yara/Yara_Neutrino.yar">here</a></h6>
<h2>Links <a name="Links"></a></h2>