Week of Data Dumps, Part 2 – GUIDs
2022-7-23 04:40:0 Author: www.hexacorn.com

July 22, 2022 in Archaeology, Clustering, File Formats ZOO

There was a time when, knowing the GUIDs of adware/spyware, you could instantly attribute a sample to a known rogue company or group. Of course, those days are long gone, but what's left behind is the knowledge of which GUIDs map to what…

GUIDs are all over the place – there are CLSIDs and UUIDs; they can refer to classes, interfaces, object properties, known folder IDs, even old ActiveX controls and IE toolbars, and new ones keep coming in! So how do we know which ones are important?

My recipe was to always collect as many of these as possible!

This is a small excerpt from some quick regex-fu over HijackThis logs. And here is a list of GUIDs I have built over the years.
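A sketch of that kind of regex pass, as an added example that is not the author's own script: it harvests GUIDs from HijackThis-style entries and groups every name and path seen for each GUID. The sample log lines, GUID values, and the `harvest` helper are constructed for illustration.

```python
import re
from collections import defaultdict

# Registry-style GUID: {8-4-4-4-12 hex digits}
GUID = r"\{[0-9A-Fa-f]{8}-(?:[0-9A-Fa-f]{4}-){3}[0-9A-Fa-f]{12}\}"
GUID_RE = re.compile(GUID)
# Common HijackThis layout: "O2 - BHO: name - {GUID} - path"
ENTRY_RE = re.compile(
    r"^(?P<sec>O\d+) - (?P<kind>[^:]+): (?P<name>.*?) - "
    r"(?P<guid>" + GUID + r")(?: - (?P<path>.*))?$"
)

# Constructed sample input (GUIDs, names and paths are made up).
SAMPLE_LOG = r"""
O2 - BHO: ExampleHelper - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O3 - Toolbar: Example Bar - {11111111-2222-3333-4444-555555555555} - C:\Program Files\Example\helper.dll
O2 - BHO: (no name) - {aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee} - C:\WINDOWS\system32\rnd.dll
O16 - DPF: {AAAAAAAA-BBBB-CCCC-DDDD-EEEEEEEEEEEE} (Example Control) - http://example.invalid/ctl.cab
"""

def harvest(log_text):
    """Return {GUID (upper-cased): set of (section, kind, name, path)}."""
    seen = defaultdict(set)
    for line in log_text.splitlines():
        line = line.strip()
        m = ENTRY_RE.match(line)
        if m:
            # Upper-case so the same GUID logged in mixed case collapses to one key.
            seen[m["guid"].upper()].add(
                (m["sec"], m["kind"], m["name"], m["path"] or ""))
            continue
        # Fallback: keep GUIDs from lines in another layout (e.g. O16 - DPF),
        # storing the raw line as context instead of dropping the hit.
        for guid in GUID_RE.findall(line):
            seen[guid.upper()].add(("?", "?", "", line))
    return dict(seen)

if __name__ == "__main__":
    for guid, entries in sorted(harvest(SAMPLE_LOG).items()):
        print(guid)
        for sec, kind, name, path in sorted(entries):
            print(f"    {sec:<4}{kind:<10}{name!r}  {path}")
```

Run over many logs, the per-GUID sets show which names and file paths a given GUID has appeared under, which is the mapping the post describes collecting.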


Source: https://www.hexacorn.com/blog/2022/07/22/week-of-data-dumps-part-2-guids/