Issues: timb-machine/linux-malware
[Intel]: https://www.microsoft.com/security/blog/2022/05/19/rise-in-xorddos-a-deeper-look-at-the-stealthy-ddos-malware-targeting-linux-devices/
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1046
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.002
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#439
opened May 21, 2022 by
timb-machine
[Intel]: https://cybersecurity.att.com/blogs/labs-research/shikitega-new-stealthy-malware-targeting-linux
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
#510
opened Sep 6, 2022 by
timb-machine
[Intel]: https://github.com/h3xduck/TripleCross
missing:tag:eBPF
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:T1005
missing:tag:T1007
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
#465
opened Jul 4, 2022 by
timb-machine
[Intel]: https://www.darkreading.com/attacks-breaches/blackcat-purveyor-shows-ransomware-operators-have-nine-lives
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1518
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#41
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.fireeye.com/blog/threat-research/2021/05/shining-a-light-on-darkside-ransomware-operations.html
ignore:tag:T1602.001
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:wltm
#321
opened Apr 20, 2022 by
timb-machine
[Intel]: https://cujo.com/threat-alert-krane-malware/
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
#391
opened Apr 20, 2022 by
timb-machine
[Intel]: https://sansec.io/research/cronrat
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1007
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
#399
opened Apr 20, 2022 by
timb-machine
[Intel]: https://blog.aquasec.com/threat-alert-kinsing-malware-container-vulnerability
missing:tag:Auditd
missing:tag:eBPF
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.004
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1609
missing:tag:T1610
new
#337
opened Apr 20, 2022 by
timb-machine
[Intel]: https://www.leonardocompany.com/documents/20142/10868623/Malware+Technical+Insight+_Turla+%E2%80%9CPenquin_x64%E2%80%9D.pdf
missing:tag:Non-persistentStorage
missing:tag:NPM
missing:tag:T1001
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1040
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1069
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1205
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:wltm
new
#338
opened Apr 20, 2022 by
timb-machine
[Intel]: https://www.mandiant.com/resources/unc3524-eye-spy-email
deprecated:template
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#414
opened May 2, 2022 by
timb-machine
[Intel]: https://www.trendmicro.com/en_gb/research/19/i/skidmap-linux-malware-uses-rootkit-capabilities-to-hide-cryptocurrency-mining-payload.html
missing:tag:Auditd
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1556.003
missing:tag:T1560
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1590
missing:tag:T1609
missing:tag:T1610
#111
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.welivesecurity.com/2022/04/12/industroyer2-industroyer-reloaded/
ignore:tag:T1021.002
ignore:tag:T1027.002
ignore:tag:T1037
ignore:tag:T1048
ignore:tag:T1053.006
ignore:tag:T1057
ignore:tag:T1070.002
ignore:tag:T1070.004
ignore:tag:T1071.001
ignore:tag:T1491
ignore:tag:T1543.002
ignore:tag:T1546.004
ignore:tag:T1567
ignore:tag:T1573
ignore:tag:T1590
missing:tactics
missing:tag:T1007
missing:tag:T1053.003
#119
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.crowdstrike.com/blog/lemonduck-botnet-targets-docker-for-cryptomining-operations/
deprecated:template
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1609
missing:tag:T1610
#410
opened Apr 21, 2022 by
timb-machine
[Intel]: https://packetstormsecurity.com/files/23336/Slx2k001.txt.html
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:RedirectionToNull
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.004
missing:tag:T1040
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1070.002
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
new
#152
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.trendmicro.com/en_ca/research/20/k/analysis-of-kinsing-malwares-use-of-rootkit.html
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1609
missing:tag:T1610
missing:tag:wltm
new
#380
opened Apr 20, 2022 by
timb-machine
[Intel]: https://sysdig.com/blog/muhstik-malware-botnet-analysis/
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:T1001
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1040
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1609
missing:tag:T1610
#90
opened Apr 19, 2022 by
timb-machine
[Intel]: https://sansec.io/research/nginrat
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1574.007
missing:tag:T1590
#94
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.intezer.com/blog/malware-analysis/new-backdoor-sysjoker/
ignore:tag:T1005
ignore:tag:T1027.002
ignore:tag:T1048
ignore:tag:T1057
ignore:tag:T1083
ignore:tag:T1491
ignore:tag:T1567
ignore:tag:T1590
missing:tactics
missing:tag:RedirectionToNull
missing:tag:T1053.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1573
#95
opened Apr 19, 2022 by
timb-machine
[Intel]: https://www.pangulab.cn/files/The_Bvp47_a_top-tier_backdoor_of_us_nsa_equation_group.en.pdf
missing:tag:IRC
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1518
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#99
opened Apr 19, 2022 by
timb-machine
[Intel]: https://en.wikipedia.org/wiki/Mirai_(malware)
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#18
opened Apr 19, 2022 by
timb-machine
[Intel]: https://securelist.com/an-overview-of-targeted-attacks-and-apts-on-linux/98440/
missing:tag:T1021.002
missing:tag:T1046
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#19
opened Apr 19, 2022 by
timb-machine
[Intel]: https://cybersecurity.att.com/blogs/labs-research/blackcat-ransomware
ignore:tag:T1602.001
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#107
opened Apr 19, 2022 by
timb-machine
[Intel]: https://unit42.paloaltonetworks.com/blackcat-ransomware/
ignore:tag:T1602.001
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#108
opened Apr 19, 2022 by
timb-machine