Issues: timb-machine/linux-malware
[Intel]: https://www.guardicore.com/labs/fritzfrog-a-new-generation-of-peer-to-peer-botnets/
missing:tactics
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1098.004
missing:tag:T1205
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#313 opened Apr 20, 2022 by timb-machine
[Intel]: https://github.com/fboldewin/FastCashMalwareDissected/raw/master/Operation%20Fast%20Cash%20-%20Hidden%20Cobra%E2%80%98s%20AIX%20PowerPC%20malware%20dissected.pdf
ignore:submodule
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1518
missing:tag:T1558
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.006
missing:tag:wltm
#312 opened Apr 20, 2022 by timb-machine
[Intel]: https://twitter.com/malwrhunterteam/status/1415403132230803460
missing:tactics
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#310 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.welivesecurity.com/2017/01/05/killdisk-now-targeting-linux-demands-250k-ransom-cant-decrypt/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#308 opened Apr 20, 2022 by timb-machine
[Intel]: https://unit42.paloaltonetworks.com/ech0raix-ransomware-soho/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#307 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.trendmicro.com/en_gb/research/21/f/bash-ransomware-darkradiation-targets-red-hat--and-debian-based-linux-distributions.html
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1001
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:wltm
new
#304 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.sentinelone.com/blog/darkradiation-abusing-bash-for-linux-and-docker-container-ransomware/
missing:tactics
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.006
missing:tag:T1053.007
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1609
missing:tag:T1610
new
#303 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.intezer.com/blog/research/a-storm-is-brewing-ipstorm-now-has-linux-malware/
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1037
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#299 opened Apr 20, 2022 by timb-machine
[Intel]: https://securelist.com/ransomexx-trojan-attacks-linux-systems/99279/
missing:tactics
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1205
missing:tag:T1491
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#298 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.heise.de/security/meldung/Achtung-Anzeigen-Server-OpenX-enthaelt-eine-Hintertuer-1929769.html
missing:tactics
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
new
#295 opened Apr 20, 2022 by timb-machine
[Intel]: https://blog.sonatype.com/newly-found-npm-malware-mines-cryptocurrency-on-windows-linux-macos-devices
missing:tag:PyPI
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.003
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1552.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
new
#294 opened Apr 20, 2022 by timb-machine
[Intel]: https://portswigger.net/daily-swig/homebrew-bug-allowed-researcher-full-access-to-github-repos
missing:tactics
missing:tag:JavaScript
missing:tag:NPM
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#290 opened Apr 20, 2022 by timb-machine
[Intel]: https://pberba.github.io/security/2022/02/07/linux-threat-hunting-for-persistence-systemd-generators/
missing:tactics
missing:tag:Auditd
missing:tag:T1001
missing:tag:T1005
missing:tag:T1007
missing:tag:T1021.002
missing:tag:T1037
missing:tag:T1037.004
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.006
missing:tag:T1057
missing:tag:T1071.001
missing:tag:T1222
missing:tag:T1491
missing:tag:T1543.002
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
new
#277 opened Apr 20, 2022 by timb-machine
[Intel]: https://redcanary.com/blog/ebpf-for-security/
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#270 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.rfxn.com/projects/linux-malware-detect/
missing:tactics
missing:tag:T1001
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1046
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1053.007
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1491
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
missing:tag:T1609
missing:tag:T1610
new
#261 opened Apr 20, 2022 by timb-machine
[Intel]: http://www.ouah.org/LKM_HACKING.html
missing:tag:IRC
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:ProcessTreeSpoofingForking
missing:tag:T1003.008
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.004
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1055.012
missing:tag:T1057
missing:tag:T1070.002
missing:tag:T1070.004
missing:tag:T1070.006
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1078.003
missing:tag:T1083
missing:tag:T1215
missing:tag:T1222
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.001
missing:tag:T1567
missing:tag:T1574.006
missing:tag:T1574.007
missing:tag:T1590
missing:tag:T1622
#257 opened Apr 20, 2022 by timb-machine
[Intel]: https://packetstormsecurity.com/files/34013/0x4553-Static_Infecting.html
missing:tactics
missing:tag:JavaScript
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1567
missing:tag:T1573
new
#255 opened Apr 20, 2022 by timb-machine
[Intel]: https://is.muni.cz/el/fi/jaro2011/PV204/um/LinuxRootkits/sys_call_table_complete.htm
missing:tag:IRC
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.004
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1215
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1590
#254 opened Apr 20, 2022 by timb-machine
[Intel]: https://troopers.de/downloads/troopers19/TROOPERS19_AD_Fun_With_LDAP.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1069
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.004
missing:tag:T1083
missing:tag:T1491
missing:tag:T1518
missing:tag:T1558
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:wltm
new
#248 opened Apr 20, 2022 by timb-machine
[Intel]: https://www.blackhat.com/presentations/bh-europe-09/Bouillon/BlackHat-Europe-09-Bouillon-Taming-the-Beast-Kerberous-slides.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:T1021.002
missing:tag:T1021.004
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1556.003
missing:tag:T1558
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#245 opened Apr 20, 2022 by timb-machine
[Intel]: https://github.com/CiscoCXSecurity/presentations/raw/master/eu-18-Wadhwa-Brown-Where-2-worlds-collide-Bringing-Mimikatz-et-al-to-UNIX.pdf
ignore:submodule
missing:tag:Auditd
missing:tag:Non-persistentStorage
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1046
missing:tag:T1048
missing:tag:T1055.008
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1548.003
missing:tag:T1558
missing:tag:T1562.001
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
missing:tag:T1622
#241 opened Apr 20, 2022 by timb-machine
[Intel]: https://blog.talosintelligence.com/2018/12/PortcullisActiveDirectory.html
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
#240 opened Apr 20, 2022 by timb-machine
[Intel]: https://rp.os3.nl/2016-2017/p97/presentation.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1546.004
missing:tag:T1558
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#235 opened Apr 20, 2022 by timb-machine
[Intel]: https://rp.os3.nl/2016-2017/p97/report.pdf
missing:tactics
missing:tag:Non-persistentStorage
missing:tag:ProcessTreeSpoofing
missing:tag:RedirectionToNull
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1048
missing:tag:T1053.003
missing:tag:T1057
missing:tag:T1059.006
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1083
missing:tag:T1491
missing:tag:T1546.004
missing:tag:T1548.003
missing:tag:T1558
missing:tag:T1567
missing:tag:T1573
missing:tag:T1574.007
missing:tag:T1590
new
#234 opened Apr 20, 2022 by timb-machine
[Intel]: https://rp.os3.nl/2016-2017/p59/report.pdf
missing:tactics
missing:tag:ProcessTreeSpoofing
missing:tag:T1005
missing:tag:T1021.002
missing:tag:T1027.002
missing:tag:T1040
missing:tag:T1048
missing:tag:T1057
missing:tag:T1070.004
missing:tag:T1071.001
missing:tag:T1071.002
missing:tag:T1071.004
missing:tag:T1083
missing:tag:T1491
missing:tag:T1560
missing:tag:T1567
missing:tag:T1573
missing:tag:T1590
new
#232 opened Apr 20, 2022 by timb-machine