ioc[.]one - OSINT Cyber Threat Intelligence Database

How Malicious Actors Abuse Native Linux Tools in Their Attacks

Tags

attack-pattern:

Data /Etc/Passwd And /Etc/Shadow - T1003.008 Bash History - T1552.003 Confluence - T1213.001 Cron - T1053.003 Exploits - T1587.004 Exploits - T1588.005 Hidden Files And Directories - T1564.001 Hide Artifacts - T1628 Hide Artifacts - T1564 Malware - T1587.001 Malware - T1588.001 Process Discovery - T1424 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Tool - T1588.002 Vulnerabilities - T1588.006 Bash History - T1139 Hidden Files And Directories - T1158 Obfuscated Files Or Information - T1027 Process Discovery - T1057 Rootkit - T1014 Rootkit

Show in Graph

Common Information

Type	Value
UUID	025e3632-154b-4cbe-a938-19fb69a0eb4d
Fingerprint	bc1519589937b781
Analysis status	DONE
Considered CTI value	2
Text language
Published	Sept. 8, 2022, midnight
Added to db	Oct. 15, 2024, 4:08 p.m.
Last updated	Nov. 17, 2024, 6:56 p.m.
Headline	How Malicious Actors Abuse Native Linux Tools in Attacks
Title	How Malicious Actors Abuse Native Linux Tools in Their Attacks
Detected Hints/Tags/Attributes	69/1/7

Source URLs

	Redirection	Url
Details	Source	https://www.trendmicro.com/en_my/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html
Details	Source	https://www.trendmicro.com/en_au/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html
Details	Source	https://www.trendmicro.com/en_nz/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html
Details	Source	https://www.trendmicro.com/en_sg/research/22/i/how-malicious-actors-abuse-native-linux-tools-in-their-attacks.html

URL Provider

Details	Provider	Source level domain
Details	trendmicro.com	www.trendmicro.com

Attributes

Details	Type	#Events	CTI	Value
Details	CVE	397		cve-2021-44228
Details	IPv4	1441		127.0.0.1
Details	MITRE ATT&CK Techniques	627		T1027
Details	MITRE ATT&CK Techniques	15		T1003.008
Details	MITRE ATT&CK Techniques	44		T1053.003
Details	MITRE ATT&CK Techniques	433		T1057
Details	MITRE ATT&CK Techniques	94		T1564.001