Ecosyste.ms: Issues
An open API service for providing issue and pull request metadata for open source projects.
GitHub / timb-machine/linux-malware issues and pull requests
#813 - [Intel]: https://github.com/SecurityFail/kompromat
Issue -
State: open - Opened by timb-machine 2 months ago
Labels: missing:submodule
#811 - [Intel]: https://github.com/stratosphereips/StratosphereLinuxIPS
Issue -
State: open - Opened by timb-machine 2 months ago
Labels: new, missing:submodule
#807 - Merged #806 to main
Pull Request -
State: open - Opened by timb-machine 4 months ago
#806 - Update github actions workflow
Pull Request -
State: closed - Opened by 0xabdi 9 months ago
#805 - Update github actions workflow
Pull Request -
State: closed - Opened by 0xabdi 9 months ago
#804 - add ransomware samples from six groups
Pull Request -
State: open - Opened by tabell 11 months ago
#803 - [Intel]: https://unfinished.bike/fun-with-the-new-bpfdoor-2023
Issue -
State: open - Opened by timb-machine 12 months ago
Labels: confirmed
#802 - [Intel]: https://pastebin.com/kmmJuuQP
Issue -
State: open - Opened by timb-machine 12 months ago
Labels: confirmed
#799 - [Intel]: https://bitbucket.org/workspacespain/i-s00n-translated
Issue -
State: open - Opened by timb-machine 12 months ago
Labels: new, blocklisted
#794 - [Intel]: https://github.com/tstromberg/sunlight
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: good first issue, new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1098.004, missing:tag:RedirectionToNull, missing:tag:T1548.003, missing:tag:T1021.004, missing:tag:T1552.004, missing:tag:eBPF, missing:tag:wltm
#793 - [Intel]: https://github.com/dsnezhkov/zombieant
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573
#792 - [Intel]: https://blog.sygnia.co/revealing-emperor-dragonfly-a-chinese-ransomware-group
Issue -
State: closed - Opened by timb-machine about 1 year ago
Labels: duplicate
#791 - [Intel]: https://github.com/MegaManSec/SSH-Snake
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1098.004, missing:tag:T1548.003, missing:tag:T1021.004, missing:tag:T1552.004, missing:tag:IRC
#789 - [Intel]: https://www.trendmicro.com/en_us/research/23/i/earth-lusca-employs-new-linux-backdoor.html
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: missing:tag:T1005, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1083, missing:tag:T1552.003, missing:tag:T1027.002, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:wltm
#787 - [Intel]: https://blog.phylum.io/dozens-of-npm-packages-caught-attempting-to-deploy-reverse-shell/
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: confirmed
#785 - [Intel]: https://twitter.com/Unit42_Intel/status/1653760405792014336
Issue -
State: closed - Opened by timb-machine about 1 year ago
Labels: duplicate
#783 - [Intel]: https://github.com/SilentVoid13/Silent_Packer
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1567, missing:tag:T1573
#782 - [Intel]: https://github.com/sad0p/d0zer
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1574.006, missing:tag:T1574.007, missing:tag:T1027.004, missing:tag:Go
#781 - [Intel]: https://github.com/SkyperTHC/bpf-keylogger
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1567, missing:tag:T1573
#779 - [Intel]: https://github.com/Achiefs/fim
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590
#777 - [Intel]: https://github.com/R3tr074/brokepkg
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1548.003
#776 - [Intel]: https://github.com/gianlucaborello/libprocesshider
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1574.006, missing:tag:T1548.003, missing:tag:T1027.004, missing:tag:T1046
#775 - [Intel]: https://github.com/chenkaie/junkcode/blob/master/xhide.c
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:submodule
#774 - [Intel]: https://blog.virustotal.com/2023/12/sigma-rules-for-linux-and-macos_20.html
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: missing:malware, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1053.003, missing:tag:wltm
#773 - [Intel]: https://github.com/MatheuZSecurity/D3m0n1z3dShell
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: good first issue, new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1560, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1574.006, missing:tag:T1548.003, missing:tag:T1037.004
#771 - [Intel]: https://github.com/Frissi0n/GTFONow
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1053.003, missing:tag:T1059.006, missing:tag:T1574.006, missing:tag:T1548.003
#764 - [Intel]: https://github.com/nikhilh-20/ELFEN
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1059.006, missing:tag:T1053.007, missing:tag:T1609, missing:tag:T1610, missing:tag:wltm
#761 - [Intel]: https://github.com/eeriedusk/nysm
Issue -
State: open - Opened by timb-machine about 1 year ago
Labels: new, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1567, missing:tag:T1573, missing:tag:T1205, missing:tag:T1518, missing:tag:T1548.003, missing:tag:T1070.002, missing:tag:T1021.004, missing:tag:T1046, missing:tag:eBPF, missing:tag:T1562.001, missing:tag:Auditd
#695 - [Intel]: https://twitter.com/Unit42_Intel/status/1653760405792014336
Issue -
State: open - Opened by timb-machine over 1 year ago
Labels: confirmed
#641 - [Intel]: https://www.welivesecurity.com/wp-content/uploads/2021/10/eset_fontonlake.pdf
Issue -
State: open - Opened by timb-machine almost 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1083, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:Non-persistentStorage, missing:tag:T1098.004, missing:tag:T1574.006, missing:tag:T1205, missing:tag:T1518, missing:tag:T1574.007, missing:tag:T1021.004, missing:tag:ProcessTreeSpoofing, missing:tag:T1071.002, missing:tag:T1001, missing:tag:T1552.004, missing:tag:ProcessTreeSpoofingForking
#617 - [Intel]: https://themittenmac.com/tinyshell-under-the-microscope/
Issue -
State: open - Opened by timb-machine almost 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1059.006, missing:tag:T1205, missing:tag:T1055.008, missing:tag:T1622
#613 - [Intel]: https://github.com/blackberry/threat-research-and-intelligence/raw/main/Talks/2023-01-30%20-%20SANS%20Cyber%20Threat%20Intelligence%20Summit%20%26%20Training%202023/Pedro%20Drimel%2C%20Jose%20Luis%20Sanchez%20Martinez%20-%20Practical%20CTI%20Analysis%20Over%202022%20ITW%20Linux%20Implants.pdf
Issue -
State: open - Opened by timb-machine almost 2 years ago
Labels: missing:tactics, ignore:submodule
#592 - [Intel]: https://github.com/guitmz/memrun
Issue -
State: open - Opened by timb-machine about 2 years ago
Labels: missing:tag:T1057, missing:tag:Non-persistentStorage, missing:tag:T1620
#552 - [Intel]: https://securelist.com/top-10-unattributed-apt-mysteries/107676/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1560, missing:tag:T1205
#549 - [Intel]: https://www.intezer.com/blog/research/acbackdoor-analysis-of-a-new-multiplatform-backdoor/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1205, missing:tag:T1620, missing:tag:T1001
#544 - [Intel]: https://blog.sygnia.co/revealing-emperor-dragonfly-a-chinese-ransomware-group
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1021.001
#533 - [Intel]: https://chromium.googlesource.com/linux-syscall-support/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573
#532 - [Intel]: https://twitter.com/David3141593/status/1575978540868435968
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1560
#529 - [Intel]: https://github.com/anelshaer/Remote-Linux-Triage-Collection-using-OSquery
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1053.007, missing:tag:T1609, missing:tag:T1610, missing:tag:T1548.003
#526 - [Intel]: https://www.sentinelone.com/labs/the-mystery-of-metador-an-unattributed-threat-hiding-in-telcos-isps-and-universities/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1560, missing:tag:T1070.006, missing:tag:T1518, missing:tag:T1574.007, missing:tag:PyPI
#525 - [Intel]: https://news.ycombinator.com/item?id=17501379
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:T1548.003, missing:tag:T1021.004, missing:tag:T1037
#523 - [Intel]: https://lists.archlinux.org/pipermail/aur-general/2018-July/034169.html
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573
#518 - [Intel]: https://www.bitdefender.com/files/News/CaseStudies/study/319/Bitdefender-PR-Whitepaper-DarkNexus-creat4349-en-EN-interactive.pdf
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1562.004, missing:tag:T1037.004
#514 - [Intel]: https://github.com/chriskaliX/Hades
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1518, missing:tag:T1021.004, missing:tag:T1620, missing:tag:eBPF
#508 - [Intel]: https://hybrid-analysis.com/sample/eb8826bac873442045a6a05f1fa25b410ca18db6942053f6d146467c00d5338d
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573
#506 - [Intel]: https://blog.polyswarm.io/lightning-framework
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1098.004, missing:tag:T1574.006, missing:tag:T1003.008, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:T1037, missing:tag:T1552.004
#503 - [Intel]: https://blog.avast.com/2013/08/27/linux-trojan-hand-of-thief-ungloved/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1040
#492 - [Intel]: https://twitter.com/avastthreatlabs/status/1430527767855058949
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1560
#490 - [Intel]: https://blog.talosintelligence.com/2022/08/manjusaka-offensive-framework.html
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1003.008, missing:tag:T1078.003, missing:tag:T1001, missing:tag:wltm
#487 - [Intel]: https://github.com/io-tl/Mara
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1548.003, missing:tag:T1021.004, missing:tag:T1027.004
#485 - [Intel]: https://github.com/DavidBuchanan314/dlinject
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1574.006, missing:tag:T1548.003
#482 - [Intel]: https://analyze.intezer.com/files/82aa04f8576ea573a4772db09ee245cab8eac7ff1e7200f0cc960d8b6f516e92
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573
#481 - [Intel]: https://github.com/creaktive/tsh
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics
#480 - [Intel]: https://twitter.com/billyleonard/status/1458531997576572929
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1560
#479 - [Intel]: https://www.intezer.com/blog/malware-analysis/linux-rekoobe-operating-with-new-undetected-malware-samples/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1205, missing:tag:ProcessTreeSpoofing
#478 - [Intel]: https://blog.sekoia.io/walking-on-apt31-infrastructure-footprints/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1560, missing:tag:T1222, missing:tag:T1548.001
#477 - [Intel]: https://github.com/akamai/akamai-security-research/tree/main/malware/panchan
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, ignore:submodule
#476 - [Intel]: https://www.akamai.com/blog/security/new-p2p-botnet-panchan
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics
#475 - [Intel]: https://buzzchronicles.com/Mollyycolllinss/b/internet/7795/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1560, missing:tag:T1070.006, missing:tag:JavaScript, missing:tag:ProcessTreeSpoofing, missing:tag:T1055.008, missing:tag:T1622, missing:tag:PyPI, missing:tag:ProcessTreeSpoofingForking
#474 - [Intel]: https://xorl.wordpress.com/2022/06/22/the-forgotten-suaveeyeful-freebsd-software-implant-of-the-equation-group/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1560, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1070.006, missing:tag:RedirectionToNull, missing:tag:T1574.007, missing:tag:T1001
#473 - [Intel]: https://grugq.github.io/docs/subversiveld.pdf
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1055.008, missing:tag:T1622, missing:tag:IRC
#472 - [Intel]: https://blog.blockmagnates.com/hunt-linux-malware-with-cgroups-497733095a94
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:T1574.006, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:T1574.007, missing:tag:T1021.004, missing:tag:ProcessTreeSpoofing, missing:tag:T1037, missing:tag:ProcessTreeSpoofingForking
#471 - [Intel]: https://www.intezer.com/blog/malware-analysis/hiddenwasp-malware-targeting-linux-systems/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:T1574.006, missing:tag:T1071.002
#470 - [Intel]: https://www.intezer.com/blog/research/lightning-framework-new-linux-threat/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1053.003, missing:tag:T1098.004, missing:tag:T1574.006, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:T1037, missing:tag:T1552.004, missing:tag:T1037.004
#453 - [Intel]: https://github.com/schrodyn/bad_UDP
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1059.006, missing:tag:T1548.003, missing:tag:T1215
#451 - [Intel]: https://izyknows.medium.com/linux-auditd-for-threat-detection-d06c8b941505
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1059.006, missing:tag:T1574.006, missing:tag:T1070.002, missing:tag:T1021.001, missing:tag:T1562.001, missing:tag:Auditd
#448 - [Intel]: https://github.com/CiscoCXSecurity/presentations/raw/master/The%20UNIX%20malware%20landscape%20-%20Reviewing%20the%20goods%20at%20MALWAREbazaar%20v5.pdf
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, ignore:submodule, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1003.008, missing:tag:T1078.003, missing:tag:T1027.004, missing:tag:T1071.002, missing:tag:T1562.001, missing:tag:Auditd
#445 - [Intel]: https://github.com/alex-cart/LEAF
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: missing:tactics, missing:tag:T1005, missing:tag:T1003.008, missing:tag:T1078.003, missing:tag:T1518, missing:tag:T1548.003
#444 - [Intel]: https://www.securonix.com/blog/detecting-the-enemybot-botnet-advisory/
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1205
#438 - [Intel]: https://youtu.be/16_EAsYAApI
Issue -
State: open - Opened by timb-machine over 2 years ago
Labels: new, missing:tactics
#419 - [Intel]: https://github.com/Neo23x0/signature-base/blob/master/yara/mal_lnx_implant_may22.yar
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, ignore:submodule
#417 - [Intel]: https://www.pwc.com/gx/en/issues/cybersecurity/cyber-threat-intelligence/cyber-year-in-retrospect/yir-cyber-threats-report-download.pdf
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:T1560, missing:tag:T1518, missing:tag:T1021.004, missing:tag:IRC
#413 - [Intel]: https://github.com/io-tl/degu-lib
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1567, missing:tag:T1573, missing:tag:Non-persistentStorage, missing:tag:T1059.006, missing:tag:wltm
#409 - [Intel]: https://samples.vx-underground.org/APTs/2021/2021.10.11/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.003, missing:tag:T1071.001, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573
#408 - [Intel]: https://vblocalhost.com/conference/presentations/shades-of-red-redxor-linux-backdoor-and-its-chinese-origins/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1070.006
#406 - [Intel]: https://twitter.com/malwrhunterteam/status/1467264298237972484
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1567, missing:tag:T1573, missing:tag:T1027.002, missing:tag:T1560
#405 - [Intel]: https://blogs.blackberry.com/en/2021/12/reverse-engineering-ebpfkit-rootkit-with-blackberrys-free-ida-processor-tool
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1560, missing:tag:eBPF
#404 - [Intel]: https://unit42.paloaltonetworks.com/hildegard-malware-teamtnt/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1083, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:T1053.007, missing:tag:T1574.006, missing:tag:T1609, missing:tag:T1610
#402 - [Intel]: https://www.sandflysecurity.com/blog/linux-stealth-rootkit-malware-with-edr-evasion-analyzed/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1071.004, missing:tag:T1098.004, missing:tag:T1574.006, missing:tag:T1007, missing:tag:T1053.006, missing:tag:T1543.002, missing:tag:RedirectionToNull, missing:tag:T1574.007, missing:tag:T1046, missing:tag:T1037, missing:tag:T1552.004
#97 - [Intel]: https://cybersecurity.att.com/blogs/labs-research/botenago-strike-again-malware-source-code-uploaded-to-github
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1518
#96 - [Intel]: http://it.rising.com.cn/fanglesuo/19851.html
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.001
#92 - [Intel]: https://tolisec.com/ssh-backdoor-botnet-with-research-infection-technique/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1021.002, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:RedirectionToNull, missing:tag:T1518, missing:tag:T1070.002, missing:tag:T1021.004, missing:tag:T1558, missing:tag:T1037
#91 - [Intel]: https://blog.netlab.360.com/threat-alert-log4j-vulnerability-has-been-adopted-by-two-linux-botnets/
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1027.002, missing:tag:T1560, missing:tag:T1098.004, missing:tag:T1037, missing:tag:T1552.004, missing:tag:T1037.004
#89 - [Intel]: https://pastebin.com/Z3sXqDCA
Issue -
State: open - Opened by timb-machine almost 3 years ago
Labels: new, missing:tactics, missing:tag:T1005, missing:tag:T1048, missing:tag:T1057, missing:tag:T1070.003, missing:tag:T1070.004, missing:tag:T1071.001, missing:tag:T1491, missing:tag:T1546.004, missing:tag:T1552.003, missing:tag:T1567, missing:tag:T1573, missing:tag:T1590, missing:tag:T1021.002, missing:tag:T1027.002, missing:tag:T1053.003, missing:tag:Non-persistentStorage, missing:tag:T1222, missing:tag:T1548.001, missing:tag:T1059.006, missing:tag:T1071.004, missing:tag:RedirectionToNull, missing:tag:JavaScript, missing:tag:T1070.002, missing:tag:T1071.002, missing:tag:T1046, missing:tag:T1037, missing:tag:T1562.004, missing:tag:T1037.004