[Intel]: https://bazaar.abuse.ch/sample/05e9fe8e9e693cb073ba82096c291145c953ca3a3f8b3974f9c66d15c1a3a11d - Githubissues

timb-machine / linux-malware

Tracking interesting Linux (and UNIX) malware. Send PRs

The Unlicense

1.11k stars 90 forks source link

[Intel]: https://bazaar.abuse.ch/sample/05e9fe8e9e693cb073ba82096c291145c953ca3a3f8b3974f9c66d15c1a3a11d #751

Open timb-machine opened 1 year ago

timb-machine commented 1 year ago

Area

Malware binaries

Parent threat

Command and Control, Exfiltration

Finding

https://bazaar.abuse.ch/sample/05e9fe8e9e693cb073ba82096c291145c953ca3a3f8b3974f9c66d15c1a3a11d/

Industry reference

attack:T1048:Exfiltration Over Alternative Protocol attack:T1573:Encrypted Channel attack:T1071:Application Layer Protocol uses:Go

Malware reference

DeimosC2 /malware/binaries/Unix.Backdoor.DeimosC2

Actor reference

No response

Component

Linux

Scenario

No response