
[Intel]: https://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discovered #693

Open
@timb-machine

Description

Area

Malware reports

Parent threat

Persistence, Defense Evasion, Discovery, Command and Control

Finding

https://blog.qualys.com/vulnerabilities-threat-research/2023/05/17/new-strain-of-sotdas-malware-discovered

Industry reference

attack:T1037.004:RC Scripts
attack:T1543.002:Systemd Service
attack:T1036:Masquerading: Match Legitimate Name or Location
attack:T1070.004:File Deletion
attack:T1222:File and Directory Permissions Modification
attack:T1564.001:Hidden Files and Directories
attack:T1082:System Information Discovery
attack:T1057:Process Discovery
attack:T1071.004:DNS

Malware reference

Sotdas

Actor reference

No response

Component

Linux

Scenario

No response
