ioc[.]one - OSINT Cyber Threat Intelligence Database

Building a Automated Linux Sandbox for Malware Analysis

Tags

cmtmf-attack-pattern:

Code Injection Command And Scripting Interpreter Scheduled Task/Job

attack-pattern:

Data Code Injection - T1540 Command And Scripting Interpreter - T1623 Cron - T1053.003 Hidden Files And Directories - T1564.001 Hide Artifacts - T1628 Hide Artifacts - T1564 Hooking - T1617 Malware - T1587.001 Malware - T1588.001 Pluggable Authentication Modules - T1556.003 Scheduled Task - T1053.005 Scheduled Task/Job - T1603 Server - T1583.004 Server - T1584.004 Software - T1592.002 Unix Shell - T1059.004 Tool - T1588.002 Vulnerabilities - T1588.006 Unix Shell - T1623.001 Command-Line Interface - T1059 Hidden Files And Directories - T1158 Hooking - T1179 Rootkit - T1014 Scheduled Task - T1053 Sudo - T1169 System Owner/User Discovery - T1033 Hooking Rootkit

Show in Graph

Common Information

Type	Value
UUID	24ab438b-65a4-4893-aec1-936d6dfebb25
Fingerprint	1f2c9b0fe9b7a698
Analysis status	DONE
Considered CTI value	2
Text language
Published	Oct. 10, 2024, 6:37 a.m.
Added to db	Oct. 10, 2024, 8:48 a.m.
Last updated	Nov. 17, 2024, 7:44 p.m.
Headline	Building an Automated Linux Sandbox for Malware Analysis
Title	Building a Automated Linux Sandbox for Malware Analysis
Detected Hints/Tags/Attributes	84/2/14

Source URLs

	Redirection	Url
Details	Source	https://medium.com/csit-tech-blog/building-a-automated-linux-sandbox-for-malware-analysis-6fb1fb6cb7c2?source=rss------malware-5

URL Provider

Details	Provider	Source level domain
Details	medium.com	medium.com

RSS Feed

Details	Id	Enabled	Feed title	Url	Added to db
Details	171	✔	Malware on Medium	https://medium.com/feed/tag/malware	2024-08-30 22:08

Attributes

Details	Type	#Events	CTI	Value
Details	Domain	358		pastebin.com
Details	Domain	6		haldrund.pid
Details	Domain	1		tracee.aquasec.com
Details	Domain	4127		github.com
Details	File	1		diamorphine-invisible.txt
Details	File	1		diamorphine-visible.txt
Details	Github username	6		aquasecurity
Details	md5	1		5e11432c30783b184dc2bf27aa1728b4
Details	MITRE ATT&CK Techniques	230		T1033
Details	MITRE ATT&CK Techniques	94		T1564.001
Details	MITRE ATT&CK Techniques	44		T1053.003
Details	MITRE ATT&CK Techniques	86		T1059.004
Details	Url	1		https://pastebin.com/raw/kmmjuuqp
Details	Url	1		https://github.com/aquasecurity/tracee/blob/main/examples/policies/signature_events.yaml