Open timb-machine opened 6 months ago
Area: Malware reports
Parent threat: Initial Access, Persistence, Defense Evasion, Impact
Finding: https://www.cadosecurity.com/kiss-a-dog-discovered-utilizing-a-20-year-old-process-hider/
Industry reference: uses:ProcessTreeSpoofing uses:TamperedPS uses:Python attack:T1140:Deobfuscate/Decode Files or Information attack:T1496:Resource Hijacking attack:T1547.006:Kernel Modules and Extensions attack:T1574.006:Dynamic Linker Hijacking
Malware reference: XHide XMRig Diamorphine libprocesshider
Actor reference: Kiss-a-Dog
Component: Linux
Scenario: Cloud hosted services