Sample API calling routine for later T17 versions of EMDIVI
EMDIVI t17 versions and magic numbers
出典: https://blog.trendmicro.com/trendlabs-security-intelligence/attackers-target-organizations-in-japan-transform-local-sites-into-cc-servers-for-emdivi-backdoor/
【ブログ】
◆Attackers Target Organizations in Japan; Transform Local Sites into C&C Servers for EMDIVI Backdoor (Trendmicro, 2015/09/01)
https://blog.trendmicro.com/trendlabs-security-intelligence/attackers-target-organizations-in-japan-transform-local-sites-into-cc-servers-for-emdivi-backdoor/