[Intel]: https://pastebin.com/raw/kmmJuuQP

[timb-machine]

Area

Malware source

Parent threat

Persistence, Defense Evasion, Command and Control

Finding

https://pastebin.com/raw/kmmJuuQP

Industry reference

uses:BPF attack:T1036:Masquerading attack:T1070:Indicator Removal on Host attack:T1205:Traffic Signaling

Malware reference

BPFDoor Tricephalic Hellkeeper Unix.Backdoor.RedMenshen JustForFun https://github.com/timb-machine/linux-malware/issues/418

Actor reference

DecisiveArchitect

Component

Linux

Scenario

No response

Scenario variation

No response