| 일 | 월 | 화 | 수 | 목 | 금 | 토 |
|---|---|---|---|---|---|---|
| 1 | 2 | 3 | 4 | 5 | ||
| 6 | 7 | 8 | 9 | 10 | 11 | 12 |
| 13 | 14 | 15 | 16 | 17 | 18 | 19 |
| 20 | 21 | 22 | 23 | 24 | 25 | 26 |
| 27 | 28 | 29 | 30 | 31 |
- pytest
- 포인터 매핑
- Python
- hex-rays
- why error
- error
- error fix
- mock.patch
- NumPy Unicode Error
- h5py.File
- debugging
- malware
- TensorFlow
- commandline
- idapython
- Analysis
- open office xml
- data distribution
- Rat
- javascript
- ecma
- ida
- svn update
- Ransomware
- x64
- idapro
- ida pro
- MySQL
- Injection
- idb2pat
- Today
- Total
목록2014/07/13 (2)
13 Security Lab
Many programs that you install are automatically run when you start your computer and load Windows. For the majority of cases, this type of behavior is fine. Unfortunately, there are programs that are not legitimate, such as spyware, hijackers, trojans, worms, viruses, that load is this manner as well. It is therefore important that you check regularly your startup registry keys regularly. Windo..
악용 가능 레지스트리
시작 프로그램에 등록 HKCU\Software\Microsoft\Windows\CurrentVersion\Run 로그인시 시작HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\ IE나 Explorer가 실행될때마다 등록된 DLL 실행HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers 보호된 운영체제 파일 숨기기 – 숨김HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\SuperHidden: 0x0 숨김 파일 및 폴더 표시 – 숨김HKCU\Software\Micro..