Issues: timb-machine/linux-malware
Issues list
[Intel]: https://asec.ahnlab.com/en/45182/
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#603 opened Jan 21, 2023 by timb-machine
[Intel]: https://blogs.vmware.com/security/2021/09/hellokitty-the-victims-perspective.html
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#546 opened Oct 8, 2022 by timb-machine
[Intel]: https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/
missing:tactics
missing:tag:PyPI
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#526 opened Sep 28, 2022 by timb-machine
[Intel]: https://buzzchronicles.com/Mollyycolllinss/b/internet/7795/
missing:tactics
missing:tag:JavaScript
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:PyPI
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1622
new
#475 opened Jul 23, 2022 by timb-machine
[Intel]: https://xorl.wordpress.com/2022/06/22/the-forgotten-suaveeyeful-freebsd-software-implant-of-the-equation-group/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#474 opened Jul 23, 2022 by timb-machine
[Intel]: https://grsecurity.net/tetragone_a_lesson_in_security_fundamentals
missing:tag:T1005
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1558
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1574.007
missing:tag:T1590
#450 opened Jun 6, 2022 by timb-machine
[Intel]: https://sysdig.com/blog/containers-read-only-fileless-malware/
deprecated:template
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1609
missing:tag:T1610
#415 opened May 3, 2022 by timb-machine
[Intel]: https://www.mandiant.com/resources/unc3524-eye-spy-email
deprecated:template
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#414 opened May 2, 2022 by timb-machine
[Intel]: https://vblocalhost.com/conference/presentations/shades-of-red-redxor-linux-backdoor-and-its-chinese-origins/
missing:tactics
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#408 opened Apr 21, 2022 by timb-machine
[Intel]: https://id-ransomware.blogspot.com/2021/11/polaris-ransomware.html
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:wltm
new
#398 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.trendmicro.com/en_us/research/16/i/pokemon-themed-umbreon-linux-rootkit-hits-x86-arm-systems.html
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1006
missing:tag:T1021.002
missing:tag:T1037
missing:tag:T1040
missing:tag:T1046
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1556.003
missing:tag:T1561
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1622
#397 opened Apr 20, 2022 by timb-machine
[Intel]: https://cujo.com/threat-alert-krane-malware/
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
#391 opened Apr 20, 2022 by timb-machine
[Intel]: https://honeynet.onofri.org/scans/scan13/som/som5.txt
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1560
missing:tag:T1567
missing:tag:T1590
new
#389 opened Apr 20, 2022 by timb-machine
[Intel]: http://www.foo.be/cours/dess-20042005/report/bigwar.html#sc
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1046
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1558
missing:tag:T1567
missing:tag:T1590
new
#386 opened Apr 20, 2022 by timb-machine
[Intel]: https://honeynet.onofri.org/scans/scan13/som/som13.txt
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1046
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1590
new
#385 opened Apr 20, 2022 by timb-machine
[Intel]: https://pastebin.com/raw/mEape37E
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.004
missing:tag:T1037
missing:tag:T1046
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1518
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#355 opened Apr 20, 2022 by timb-machine
[Intel]: https://cujo.com/iot-malware-journals-prometei-linux/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1001
missing:tag:T1005
missing:tag:T1007
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#300 opened Apr 20, 2022 by timb-machine
[Intel]: https://pberba.github.io/security/2021/11/22/linux-threat-hunting-for-persistence-sysmon-auditd-webshell/
missing:tactics
missing:tag:Auditd
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1007
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1491
missing:tag:T1518
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1552.004
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
new
#268 opened Apr 20, 2022 by timb-machine
[Intel]: http://www.ouah.org/LKM_HACKING.html
missing:tag:IRC
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.004
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1055.012
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1215
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1574.006
missing:tag:T1574.007
missing:tag:T1590
missing:tag:T1622
#257 opened Apr 20, 2022 by timb-machine
[Intel]: https://medium.com/confluera-engineering/reflective-code-loading-in-linux-a-new-defense-evasion-technique-in-mitre-att-ck-v10-da7da34ed301
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1620
new
#250 opened Apr 20, 2022 by timb-machine
[Intel]: https://security.humanativaspa.it/openssh-ssh-agent-shielded-private-key-extraction-x86_64-linux/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1046
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1590
new
#236 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.cyberark.com/resources/threat-research-blog/kinsing-the-malware-with-two-faces
missing:tag:JavaScript
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1609
missing:tag:T1610
new
#115 opened Apr 19, 2022 by timb-machine
[Intel]: https://unit42.paloaltonetworks.com/blackcat-ransomware/
ignore:tag:T1602.001
missing:tag:T1005
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#108 opened Apr 19, 2022 by timb-machine
[Intel]: https://cloud.google.com/blog/topics/threat-intelligence/live-off-the-land-an-overview-of-unc1945/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1556.003
missing:tag:T1567
missing:tag:T1573
new
#63 opened Apr 19, 2022 by timb-machine
[Intel]: https://www.cadosecurity.com/post/team-tnt-the-first-crypto-mining-worm-to-steal-aws-credentials
missing:tactics
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1005
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1053.007
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1609
missing:tag:T1610
new
#50 opened Apr 19, 2022 by timb-machine
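The labels on the issues above (missing:tag:&lt;technique&gt;, missing:tactics, ignore:tag:&lt;technique&gt;, deprecated:template, new) are the repository's triage vocabulary for intel sources that have not yet been fully mapped to ATT&CK. The following is an added example, not code from the timb-machine/linux-malware project: a small Python parser for the flattened listing form shown on this page that tallies which technique IDs are reported missing and which are missing on every issue (a tag that no source carries is more likely a gap in the tagging template than a per-report omission). The meaning of each label is inferred from its name and is an assumption; the URLs, issue numbers and author name in the embedded sample are constructed, while the label strings are taken from the page.

```python
import re
from collections import Counter
from dataclasses import dataclass, field

# Label vocabulary as seen on the page; semantics are assumed, not documented here.
ATTACK_ID = re.compile(r"^T\d{4}(?:\.\d{3})?$")    # T1005, T1021.002
ISSUE_NUM = re.compile(r"^#(\d+)$")
OPENED = re.compile(r"^opened (.+?) by\s*(\S+)?$")  # author may sit on the next line


@dataclass
class Issue:
    url: str
    number: int = 0
    opened: str = ""
    author: str = ""
    labels: list = field(default_factory=list)


def parse_listing(text):
    """Each entry starts at '[Intel]: <url>'; every later line is a label
    until '#<n>' and 'opened <date> by <author>' close the entry."""
    issues, cur, want_author = [], None, False
    for raw in text.splitlines():
        line = raw.strip()
        if not line:
            continue
        if line.startswith("[Intel]: "):
            cur = Issue(url=line[len("[Intel]: "):])
            issues.append(cur)
            want_author = False
        elif cur is None:
            continue                      # page header before the first issue
        elif want_author:
            cur.author, want_author = line, False
        elif (m := ISSUE_NUM.match(line)):
            cur.number = int(m.group(1))
        elif (m := OPENED.match(line)):
            cur.opened = m.group(1)
            cur.author, want_author = (m.group(2) or ""), m.group(2) is None
        else:
            cur.labels.append(line)
    return issues


def split_tags(labels):
    """Values of missing:tag:* labels, split into ATT&CK IDs and other tags.
    missing:tactics, ignore:tag:*, deprecated:template and 'new' are skipped."""
    attack, other = set(), set()
    for label in labels:
        kind, sep, value = label.partition(":tag:")
        if kind == "missing" and sep:
            (attack if ATTACK_ID.match(value) else other).add(value)
    return attack, other


def missing_counts(issues):
    """Number of issues reporting each technique as missing."""
    counts = Counter()
    for issue in issues:
        counts.update(split_tags(issue.labels)[0])
    return counts


def missing_everywhere(issues):
    """Techniques flagged on every issue: candidates for a template-level fix."""
    sets = [split_tags(i.labels)[0] for i in issues]
    return set.intersection(*sets) if sets else set()


# Constructed sample in the page's flattened form (hypothetical URLs, issue
# numbers and author; label strings are the page's own vocabulary).
SAMPLE = """\
Issues list
[Intel]: https://example.invalid/report-a
missing:tag:T1005
missing:tag:T1070.006
new
#901
opened Jan 1, 2023 by
maintainer
[Intel]: https://example.invalid/report-b
missing:tactics
missing:tag:PyPI
missing:tag:T1070.006
missing:tag:T1574.007
#902
opened Jan 2, 2023 by maintainer
[Intel]: https://example.invalid/report-c
deprecated:template
missing:tag:T1005
missing:tag:T1070.006
ignore:tag:T1602.001
#903
opened Jan 3, 2023 by maintainer
"""


def report(text=SAMPLE):
    issues = parse_listing(text)
    others = set().union(*(split_tags(i.labels)[1] for i in issues))
    return {
        "issues": [(i.number, i.author, len(i.labels)) for i in issues],
        "missing_counts": dict(missing_counts(issues)),
        "missing_everywhere": sorted(missing_everywhere(issues)),
        "non_attack_tags": sorted(others),
    }
```

Run `report()` on a saved copy of the listing to get the per-technique tally; anything returned under "missing_everywhere" is worth checking against the tagging template before opening per-source fixes, and "non_attack_tags" separates the repository's own tags (PyPI, JavaScript, Non-persistentStorage and so on) from ATT&CK IDs so the two can be triaged differently.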