SITCON2016: Can't Antivirus Stop It? Rampant Ransomware and Its Implementation
Can't Antivirus Stop It? Rampant Ransomware and Its Implementation
adr.horse
Telling malware from non-malware in practice
What is a virus?
Installing the Chrome browser for the user
Installing the Chrome browser for the user + Hao123
Installing the Chrome browser for the user + the full Baidu software bundle
Collecting credit card numbers and personal data; backdoor trojans
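I'm going to secretly upload the user's nude photos
I'm going to secretly "like" the 磺胺 fan page
I'm going to secretly upload the user's credit card number
Secretly saving the user's Lunar New Year red-envelope money for them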
You bad boy! If the file name is virus.exe, the user is not allowed to download it (added to the cloud blacklist)
Wow! What a good boy. Let it through~ let it through~
OK, Mr. VIRUS.exe,
your fingerprint is MD5( measurements + height + weight... ). I've backed you up into the bad-guy database!
Hmm... I don't seem to see this gentleman on the blacklist yet, so he's probably not a bad guy, right?
Hmm... I don't seem to see this gentleman on the blacklist yet, so he's probably not a bad guy, right?
All grown up~~~
Hmm... I don't seem to see this gentleman on the blacklist yet, so he's probably not a bad guy, right?
A chameleon, yo
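Then I'll check whether the program's static strings contain 18upSeaDog.com, and block it from opening if they do
I'm going to keep popping up the porn site 18upSeaDog.com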
I'm going to run a terminal command: taskkill -f -im Anti-Virus.exe
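I'm going to keep popping up the porn site 18upSeaDog.com
Then I'll check whether the program's static strings contain 18upSeaDog.com, and block it from opening if they do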
1 2 3
4 5 6
7 8 9
6B ? ? ? ? E8 ? ? ? ? E8 ? ? ? ? 83 C4 30
Lv.20
C&C
Shell
Up to this point, everything above belongs to the static side of the attack-and-defense battle
Search online for "AV-evasion tutorials" (免殺教程): the tutorials all teach you how to get past "static detection"
ler (´・_・`) QQ
Malware
Malware
Malware
Malware
Ransomware and its implementation
CryptoWall 4.0 5384f752e3a2b59fad9d0f143ce0215a
RansomwareExplorer.exe
Svchost.exe
RSA
Ransomware AES
AES
AES
Ransomware
AES Key
RSARSA
C&C RSA AES Key
AES
What is antivirus software actually doing?
Conclusion
Did you know that malware now does cross-platform development too?