Tracking interesting Linux (and UNIX) malware. Send PRs
[Intel]: https://blogs-jpcert-or-jp.translate.goog/ja/2023/07/dangerouspassword_dev.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en-US&_x_tr_pto=wapp #721
Open
timb-machine opened 1 year ago
Area
Malware reports
Parent threat
Defense Evasion, Command and Control
Finding
https://blogs-jpcert-or-jp.translate.goog/ja/2023/07/dangerouspassword_dev.html
Industry reference
uses:Python uses:JavaScript attack:T1140:Deobfuscate/Decode Files or Information
Malware reference
PythonHTTPBackdoor wltm
Actor reference
DangerousPassword CryptoMimic SnatchCrypto
Component
Linux
Scenario
No response