Area
Malware reports
Parent threat
Persistence, Defense Evasion, Command and Control
Finding
https://www.countercraftsec.com/blog/a-step-by-step-bpfdoor-compromise/
Industry reference
attack:T1205.002:Socket Filters
attack:T1036:Masquerading
attack:T1070:Indicator Removal on Host
attack:T1205:Traffic Signaling
attack:T1573:Encrypted Channel
attack:T1106:Native API
attack:T1059.004: Unix Shell
attack:T1070.004:File Deletion
attack:T1036.004:Masquerade Task or Service
attack:T1070.006:Timestomp
uses:RedirectionToNull
uses:Non-persistentStorage
attack:T1036.005:Match Legitimate Name or Location
uses:ProcessTreeSpoofing
attack:T1562.004:Disable or Modify System Firewall
Malware reference
BPFDoor
/malware/binaries/BPFDoor
Unix.Backdoor.RedMenshen
Actor reference
No response
Component
Linux
Solaris
Scenario
No response