Linux Persistence Techniques Detected by AhnLab EDR (1) - ASEC
Tags
cmtmf-attack-pattern: Event Triggered Execution Scheduled Task/Job
maec-delivery-vectors: Watering Hole
attack-pattern: Data Create Or Modify System Process - T1543 Cron - T1053.003 Dll Side-Loading - T1574.002 Dynamic Linker Hijacking - T1574.006 Event Triggered Execution - T1624 Event Triggered Execution - T1546 Hijack Execution Flow - T1625 Hijack Execution Flow - T1574 Malware - T1587.001 Malware - T1588.001 Scheduled Task/Job - T1603 Systemd Service - T1543.002 Systemd Service - T1501 Unix Shell Configuration Modification - T1546.004 Winlogon Helper Dll - T1547.004 Dll Side-Loading - T1073 Rootkit - T1014 Scheduled Task - T1053 Winlogon Helper Dll - T1004 Rootkit
Show in Graph
Common Information
Type Value
UUID 10fb1925-456c-4452-93db-d2d51ba353f2
Fingerprint 9d0e9d6ce9a19e8e
Analysis status DONE
Considered CTI value 2
Text language
Published Sept. 29, 2024, 3 p.m.
Added to db Oct. 29, 2024, 8:37 a.m.
Last updated Nov. 14, 2024, 8:09 a.m.
Headline Linux Persistence Techniques Detected by AhnLab EDR (1)
Title Linux Persistence Techniques Detected by AhnLab EDR (1) - ASEC
Detected Hints/Tags/Attributes 56/3/11
Source URLs
Redirection Url
Details Source https://asec.ahnlab.com/en/83779/
URL Provider
Details Provider Source level domain
Details ahnlab.com asec.ahnlab.com
RSS Feed
Details Id Enabled Feed title Url Added to db
Details 17 ASEC https://asec.ahnlab.com/en/feed/ 2024-08-30 22:08
Attributes
Details Type #Events CTI Value
Details Domain 5 
gcc.sh
Details Domain 5 
libudev.so
Details Domain 2 
cached.so
Details Domain 117 
ld.so
Details Domain 13 
libsystem.so
Details MITRE ATT&CK Techniques 480 
T1053
Details MITRE ATT&CK Techniques 122 
T1543
Details MITRE ATT&CK Techniques 16 
T1574.006
Details MITRE ATT&CK Techniques 11 
T1546.004
Details MITRE ATT&CK Techniques 44 
T1053.003
Details MITRE ATT&CK Techniques 23 
T1543.002