{"id":535254,"date":"2021-09-01T05:57:28","date_gmt":"2021-08-31T21:57:28","guid":{"rendered":"http:\/\/4563.org\/?p=535254"},"modified":"2021-09-01T05:57:28","modified_gmt":"2021-08-31T21:57:28","slug":"%e8%af%b7%e9%97%ae%e6%9c%89-v-%e5%8f%8b%e8%83%bd%e5%b8%ae%e5%bf%99%e5%88%86%e4%ba%ab%e4%b8%80%e4%b8%8b%e8%bf%99%e4%b8%aa-dll-%e4%b9%88%ef%bc%8c%e6%9d%a5%e8%87%aa%e4%b8%80%e4%b8%aa%e7%bc%96%e6%9b%b2","status":"publish","type":"post","link":"http:\/\/4563.org\/?p=535254","title":{"rendered":"\u8bf7\u95ee\u6709 V \u53cb\u80fd\u5e2e\u5fd9\u5206\u4eab\u4e00\u4e0b\u8fd9\u4e2a dll \u4e48\uff0c\u6765\u81ea\u4e00\u4e2a\u7f16\u66f2\u63d2\u4ef6\uff0c\u603b\u662f\u88ab Windows Defender \u62a5\u4e3a\u75c5\u6bd2\uff0c\u867d\u7136\u6211\u77e5\u9053\u5927\u6982\u7387\u662f\u8bef\u62a5\uff0c\u4f46\u603b\u6709\u70b9\u4e0d\u653e\u5fc3"},"content":{"rendered":"<div>\n<div>\n<div>\n<h1> \u8bf7\u95ee\u6709 V \u53cb\u80fd\u5e2e\u5fd9\u5206\u4eab\u4e00\u4e0b\u8fd9\u4e2a dll \u4e48\uff0c\u6765\u81ea\u4e00\u4e2a\u7f16\u66f2\u63d2\u4ef6\uff0c\u603b\u662f\u88ab Windows Defender \u62a5\u4e3a\u75c5\u6bd2\uff0c\u867d\u7136\u6211\u77e5\u9053\u5927\u6982\u7387\u662f\u8bef\u62a5\uff0c\u4f46\u603b\u6709\u70b9\u4e0d\u653e\u5fc3 <\/h1>\n<p> <\/p>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : theklf4 <\/span>  <span><i><\/i> 9<\/span> <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<\/p><\/div>\n<div isfirst=\"1\"> VirusTotal \u62a5\u544a\uff1a<br \/>www.virustotal.com\/gui\/file\/7a9c85ccfd16a4fd8ab316d4a08e675ed81736d1b600d02287e2dbe5a3eacb37\/detection<br \/>\u6837\u672c\u6587\u4ef6\uff08\u53bb\u6389*\uff0c\u4e0d\u7136\u53d1\u4e0d\u51fa\u6765\uff09\uff1a<br \/>drive.google.com\/file\/d\/1XHySBGhtdXH*ktnc5t7qs2vzU27qAiwGl\/view<br \/>\u5927\u5c0f\u53ea\u6709 4KB  <\/div>\n<div> <b>\u5927\u4f6c\u6709\u8a71\u8aaa<\/b> (<span>16<\/span>) <\/div>\n<div> <\/div>\n<\/p><\/div>\n<\/p><\/div>\n<ul>\n<li data-pid=\"6690756\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : AoEiuV020 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u8fd9\u79cd\u660e\u786e\u62a5\u6bd2\u7684\uff0c\u9664\u975e\u662f\u4e0d\u5f97\u4e0d\u7528\u7834\u89e3\u8f6f\u4ef6\u4e14\u6765\u6e90\u662f\u6d3b\u8dc3\u7684\u8bba\u575b\u6709\u5176\u4ed6\u4eba\u8bd5\u6bd2\uff0c\u5426\u5219\u6211\u90fd\u4e0d\u6562\u7528\uff0c<br \/>\u53e6\u5916\u4f60 google drive 404 \u4e86\uff0c\u6216\u8bb8\u662f\u62a5\u6bd2\u7ed9\u5220\u9664\u4e86\uff1f <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690757\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : theklf4 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> @AoEiuV020 #1 \u94fe\u63a5\u91cc\u7684*\u8981\u53bb\u7684\uff0c\u56e0\u4e3a H*K \u5728 V \u7ad9\u662f\u654f\u611f\u8bcd\uff0c\u7ed1\u5b9a\u624b\u673a\u53f7\u624d\u80fd\u53d1 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690758\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : AoEiuV020 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> @theklf4 #2 \u8fd8\u662f\u6ca1\u6709\uff0c<br \/>\u62b1\u6b49\uff0c\u60a8\u65e0\u6cd5\u8bbf\u95ee\u6b64\u9879\u76ee\uff0c\u56e0\u4e3a\u5b83\u8fdd\u53cd\u4e86\u6211\u4eec\u7684\u670d\u52a1\u6761\u6b3e\u3002<br \/>\u53e6\u5916 v \u7ad9\u60ef\u4f8b\u53d1\u5916\u7ad9\u94fe\u63a5\u76f4\u63a5\u53d1 base64, <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690759\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : AoEiuV020 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> HK \u662f\u654f\u611f\u8bcd\u5417\uff1f <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690760\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : theklf4 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> @AoEiuV020 #3 \u786e\u5b9e\u53d8\u6210\u53ea\u6709\u6211\u7684\u8d26\u53f7\u624d\u80fd\u8bbf\u95ee\u4e86\uff0c\u6253\u4e86\u4e2a\u538b\u7f29\u5305 drive.google.com\/file\/d\/1k2Iopws491pm8qL65fZeIoZBlFDUm9oY\/view<br \/>\u5bc6\u7801 v2ex<br \/>H*K \u9700\u8981\u7ed1\u5b9a\u624b\u673a\u53f7\u624d\u80fd\u53d1\uff0c\u6211\u6ca1\u6709\u7ed1\u5b9a\u624b\u673a\u53f7\u3002<br \/>\u4e3a\u4e86\u8282\u7701\u5927\u4f6c\u4eec\u7684\u65f6\u95f4\u6240\u4ee5\u6ca1\u6709 base64 \u3002 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690761\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : gBurnX <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u4e0d\u5c31\u4e00\u4e2a EQ \u63d2\u4ef6\u561b\uff0c\u4f60\u4e0d\u653e\u5fc3\uff0c\u6362\u4e2a EQ \u63d2\u4ef6\u4e0d\u5c31\u884c\u4e86\uff0cEQ \u63d2\u4ef6\u8fa3\u4e48\u591a\u3002 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690762\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u4e3b<\/span> <span>\u8cc7\u6df1\u5927\u4f6c : theklf4 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> @gBurnX \u8fd9\u4e2a\u63d2\u4ef6\u5305\u91cc\u6709\u5f88\u591a\u63d2\u4ef6\uff0c\u5c31\u8fd9\u4e00\u4e2a\u6587\u4ef6\u62a5\u6bd2\uff0c\u611f\u89c9\u5f88\u5947\u602a <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690763\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : gBurnX <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> @theklf4 \u63d2\u4ef6\u5305\u4e5f\u6709\u5f88\u591a\u554a\uff0c\u6362\u4e2a\u5c31\u662f\u4e86\u3002 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690764\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : littlewing <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u63d2\u4ef6\u4ece\u54ea\u513f\u6765\u7684\uff1f <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690765\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : zzzain46 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u53bb 52 \u53d1\u4e2a\u5e16\u5b50\u8ba9\u5927\u4f6c\u5e2e\u5fd9\u5206\u6790\u5206\u6790 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690766\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : Orciorc <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u53ef\u4ee5\u5c1d\u8bd5\u7528 IDA+Snowman \u63d2\u4ef6\uff0c\u5f04\u4e2a C \u4f2a\u4ee3\u7801\u5206\u6790\u4e00\u4e0b\u903b\u8f91\uff0c\u5de5\u5177\u53ef\u4ee5\u5728 52 \u4e0b\u5230 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690767\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : mmlmml1 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> https:\/\/www.plugin-alliance.com\/en\/products\/bx_2098_eq.html<br \/>\u770b\u6837\u5b50\u662f\u4e2a\u4ed8\u8d39\u63d2\u4ef6\uff0c\u4e5f\u8bb8\u4f60\u4e0b\u7684\u662f\u7834\u89e3\u7248\uff1f <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690768\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : zk8802 <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u8fd9\u4e2a DLL \u91cc\u9762\u6ca1\u4ec0\u4e48\u903b\u8f91\uff0c\u57fa\u672c\u4e0a\u5c31\u662f\u53bb\u52a0\u8f7d\u6587\u4ef6 &#8220;bx_2098 EQ.R2R&#8221;\uff0c\u7136\u540e\u628a VSTPluginMain() \u548c main() \u8f6c\u53d1\u5230 &#8220;bx_2098 EQ.R2R&#8221; \u91cc\u9762\u5bf9\u5e94\u7684\u51fd\u6570\u4e0a\uff0c\u6700\u540e\u5bf9 &#8220;bx_2098 EQ.R2R&#8221; \u91cc\u9762\u7684\u4e09\u4e2a\u5730\u5740\u6253\u4e0a\u8865\u4e01\uff08\u4f30\u8ba1\u662f\u8df3\u8fc7\u6ce8\u518c\u68c0\u6d4b\u4ec0\u4e48\u7684\uff09\u3002\u5177\u4f53\u7684\u8865\u4e01\u4e0d\u77e5\u9053\u662f\u4ec0\u4e48\uff0c\u4e0d\u8fc7\u6211\u731c\u5e94\u8be5\u6ca1\u4ec0\u4e48\u95ee\u9898\u3002 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690769\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : murmur <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u6740\u8f6f\u62a5\u6bd2\u5f88\u6b63\u5e38\uff0c\u6211\u7528 cakewalk \u793e\u533a\u7248\uff0c\u4e00\u5927\u5806 vst \u88ab 360 \u62a5\u6bd2 <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690770\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : timi <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u4e0d\u653e\u5fc3\u5c31\u4e22\u865a\u62df\u673a\u91cc\u8dd1 : ) <\/div>\n<\/p><\/div>\n<\/li>\n<li data-pid=\"6690771\" data-uid=\"2\">\n<div>\n<div>\n<div> <span>\u8cc7\u6df1\u5927\u4f6c : youlemei <\/span>  <\/div>\n<div> <i title=\"\u5f15\u7528\"><\/i>  <span>  <\/span> <\/div>\n<\/p><\/div>\n<div> \u641e\u4e2a\u865a\u62df\u673a\u968f\u4fbf\u8dd1 <\/div>\n<\/p><\/div>\n<\/li>\n<li>\n","protected":false},"excerpt":{"rendered":"<p>\u8bf7\u95ee\u6709 V \u53cb\u80fd\u5e2e\u5fd9\u5206\u4eab\u4e00\u4e0b\u8fd9\u4e2a &hellip;<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":[],"categories":[],"tags":[],"_links":{"self":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/535254"}],"collection":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcomments&post=535254"}],"version-history":[{"count":0,"href":"http:\/\/4563.org\/index.php?rest_route=\/wp\/v2\/posts\/535254\/revisions"}],"wp:attachment":[{"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fmedia&parent=535254"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Fcategories&post=535254"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/4563.org\/index.php?rest_route=%2Fwp%2Fv2%2Ftags&post=535254"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}