Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

[Intel]: https://twitter.com/inversecos/status/1527188391347068928 #435

Open
timb-machine opened this issue May 19, 2022 · 0 comments
Open

[Intel]: https://twitter.com/inversecos/status/1527188391347068928 #435

timb-machine opened this issue May 19, 2022 · 0 comments
Assignees
@timb-machine
Labels
deprecated:template missing:tag:Non-persistentStorage missing:tag:T1027.002 missing:tag:T1048 missing:tag:T1057 missing:tag:T1071.001 missing:tag:T1560 missing:tag:T1567 missing:tag:T1573 missing:tag:T1590 missing:tag:T1620

Comments

@timb-machine
Copy link
Owner

timb-machine commented May 19, 2022
edited
Loading

Area

Defensive tools

Parent threat

Persistence, Defense Evasion

Finding

https://twitter.com/inversecos/status/1527188391347068928

Industry reference

attack:T1205.002:Socket Filters
attack:T1036:Masquerading
attack:T1070:Indicator Removal on Host

Malware reference

BPFDoor
Tricephalic Hellkeeper
Unix.Backdoor.RedMenshen
JustForFun

Actor reference

DecisiveArchitect

Component

Linux, Solaris

Scenario

No response

Scenario variation

Device application sandboxing
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@timb-machine timb-machine

Labels
deprecated:template missing:tag:Non-persistentStorage missing:tag:T1027.002 missing:tag:T1048 missing:tag:T1057 missing:tag:T1071.001 missing:tag:T1560 missing:tag:T1567 missing:tag:T1573 missing:tag:T1590 missing:tag:T1620
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@timb-machine