Open timb-machine opened 9 months ago
Area
Malware source
Parent threat
Defense Evasion, Command and Control
Finding
https://pastebin.com/kmmJuuQP
Industry reference
attack:T1205.002:Socket Filters attack:T1205:Traffic Signaling uses:BPF uses:Non-persistentStorage uses:ProcessTreeSpoofing
Malware reference
BPFDoor /malware/binaries/BPFDoor Unix.Backdoor.RedMenshen
Actor reference
No response
Component
Linux
Scenario
No response