Issues: timb-machine/linux-malware
[Intel]: https://github.com/grisuno/LazyOwn
missing:submodule
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
missing:tag:T1602.001
missing:tag:wltm
new
#812
opened Dec 6, 2024 by
timb-machine
[Intel]: https://github.com/MatheuZSecurity/D3m0n1z3dShell
good first issue
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
new
#773
opened Jan 17, 2024 by
timb-machine
[Intel]: https://github.com/avilum/secimport
missing:tag:eBPF
missing:tag:T1005
missing:tag:T1048
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
new
#748
opened Aug 18, 2023 by
timb-machine
[Intel]: https://hckng.org/articles/perljam-elf64-virus.html
missing:tag:ProcessTreeSpoofing
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#735
opened Aug 12, 2023 by
timb-machine
[Intel]: https://github.com/liamg/traitor
missing:tag:Non-persistentStorage
missing:tag:T1001
missing:tag:T1005
missing:tag:T1048
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#687
opened Jun 14, 2023 by
timb-machine
[Intel]: https://www.mandiant.com/sites/default/files/2022-03/wp-linux-endpoint-hardening.pdf
missing:tag:Auditd
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.002
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1215
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1543.002
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1552.003
missing:tag:T1556.003
missing:tag:T1562.001
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#675
opened May 21, 2023 by
timb-machine
[Intel]: https://asec.ahnlab.com/en/51908/
ignore:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
new
#650
opened May 2, 2023 by
timb-machine
[Intel]: https://blog.vibri.us/BeyondTrust-AD-Bridge-Open-Post-Exploitation/
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1040
missing:tag:T1048
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
new
#635
opened Apr 9, 2023 by
timb-machine
[Intel]: https://asec.ahnlab.com/en/50316/
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1560
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
#621
opened Mar 28, 2023 by
timb-machine
[Intel]: https://blog.exatrack.com/melofee/
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1215
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#620
opened Mar 28, 2023 by
timb-machine
[Intel]: https://themittenmac.com/tinyshell-under-the-microscope/
missing:tactics
missing:tag:T1005
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1622
new
#617
opened Mar 16, 2023 by
timb-machine
[Intel]: https://ortiz.sh/linux/2020/07/05/UNKILLABLE.html
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1215
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#575
opened Oct 25, 2022 by
timb-machine
[Intel]: https://www.lacework.com/blog/sysrv-hello-expands-infrastructure/
missing:tag:T1001
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.004
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1552.004
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:T1590
new
#565
opened Oct 14, 2022 by
timb-machine
[Intel]: https://www.jakoblell.com/blog/2014/05/07/hacking-contest-rootkit/
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.004
missing:tag:T1040
missing:tag:T1046
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
new
#562
opened Oct 10, 2022 by
timb-machine
[Intel]: https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1027.002
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1560
missing:tag:T1562.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#518
opened Sep 14, 2022 by
timb-machine
[Intel]: https://github.com/sevagas/swap_digger
missing:tag:Non-persistentStorage
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#515
opened Sep 13, 2022 by
timb-machine
[Intel]: https://blog.sonatype.com/pypi-package-secretslib-drops-fileless-linux-malware-to-mine-monero
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1518
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1620
new
#495
opened Aug 12, 2022 by
timb-machine
[Intel]: https://www.fortinet.com/blog/threat-research/rapperbot-malware-discovery
missing:tag:RedirectionToNull
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.004
missing:tag:T1567
missing:tag:T1573
new
#488
opened Aug 5, 2022 by
timb-machine
[Intel]: https://blog.sekoia.io/walking-on-apt31-infrastructure-footprints/
missing:tactics
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#478
opened Jul 23, 2022 by
timb-machine
[Intel]: https://xorl.wordpress.com/2022/06/22/the-forgotten-suaveeyeful-freebsd-software-implant-of-the-equation-group/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:RedirectionToNull
missing:tag:T1001
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#474
opened Jul 23, 2022 by
timb-machine
[Intel]: https://www.intezer.com/blog/research/new-linux-threat-symbiote/
missing:tag:T1001
missing:tag:T1005
missing:tag:T1021.004
missing:tag:T1040
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.004
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
#452
opened Jun 9, 2022 by
timb-machine
[Intel]: https://github.com/CiscoCXSecurity/presentations/raw/master/Auditd%20for%20the%20newly%20threatened.pdf
ignore:submodule
missing:tag:Auditd
missing:tag:Non-persistentStorage
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1027.004
missing:tag:T1048
missing:tag:T1053.006
missing:tag:T1055.008
missing:tag:T1055.012
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1548.001
missing:tag:T1548.003
missing:tag:T1552.004
missing:tag:T1558
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1620
missing:tag:T1622
#449
opened Jun 6, 2022 by
timb-machine
[Intel]: https://github.com/CiscoCXSecurity/presentations/raw/master/The%20UNIX%20malware%20landscape%20-%20Reviewing%20the%20goods%20at%20MALWAREbazaar%20v5.pdf
ignore:submodule
missing:tactics
missing:tag:Auditd
missing:tag:Non-persistentStorage
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1027.004
missing:tag:T1048
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1222
missing:tag:T1491
missing:tag:T1548.001
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#448
opened Jun 6, 2022 by
timb-machine
[Intel]: https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
new
#444
opened May 30, 2022 by
timb-machine
[Intel]: https://vms.drweb.com/virus/?i=21004786
missing:tag:JavaScript
missing:tag:Non-persistentStorage
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
new
#433
opened May 18, 2022 by
timb-machine