Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor | Qualys Security Blog
Tags
Common Information
| Type | Value |
|---|---|
| UUID | e797c489-ca74-4dbb-ba5e-c078a93bd3ee |
| Fingerprint | a5f9991ba9bb1798 |
| Analysis status | DONE |
| Considered CTI value | 2 |
| Text language | |
| Published | Aug. 1, 2022, 5 a.m. |
| Added to db | Sept. 11, 2022, 12:41 p.m. |
| Last updated | Nov. 17, 2024, 6:56 p.m. |
| Headline | Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor |
| Title | Here’s a Simple Script to Detect the Stealthy Nation-State BPFDoor | Qualys Security Blog |
| Detected Hints/Tags/Attributes | 78/3/27 |
Source URLs
URL Provider
Attributes
| Details | Type | #Events | CTI | Value |
|---|---|---|---|---|
| Details | Domain | 6 | haldrund.pid |
|
| Details | Domain | 4 | kdevrund.pid |
|
| Details | sha256 | 5 | 07ecb1f2d9ffbd20a46cd36cd06b022db3cc8e45b1ecab62cd11f9ca7a26ab6d |
|
| Details | sha256 | 3 | 1925e3cd8a1b0bba0d297830636cdb9ebf002698c8fa71e0063581204f4e8345 |
|
| Details | sha256 | 4 | 4c5cf8f977fc7c368a8e095700a44be36c8332462c0b1e41bff03238b2bf2a2d |
|
| Details | sha256 | 5 | 591198c234416c6ccbcea6967963ca2ca0f17050be7eed1602198308d9127c78 |
|
| Details | sha256 | 5 | 599ae527f10ddb4625687748b7d3734ee51673b664f2e5d0346e64f85e185683 |
|
| Details | sha256 | 4 | 5b2a079690efb5f4e0944353dd883303ffd6bab4aad1f0c88b49a76ddcb28ee9 |
|
| Details | sha256 | 4 | 5faab159397964e630c4156f8852bcc6ee46df1cdd8be2a8d3f3d8e5980f3bb3 |
|
| Details | sha256 | 5 | 76bf736b25d5c9aaf6a84edd4e615796fffc338a893b49c120c0b4941ce37925 |
|
| Details | sha256 | 4 | 93f4262fce8c6b4f8e239c35a0679fbbbb722141b95a5f2af53a2bcafe4edd1c |
|
| Details | sha256 | 5 | 96e906128095dead57fdc9ce8688bb889166b67c9a1b8fdb93d7cff7f3836bb9 |
|
| Details | sha256 | 4 | 97a546c7d08ad34dfab74c9c8a96986c54768c592a8dae521ddcf612a84fb8cc |
|
| Details | sha256 | 3 | c796fc66b655f6107eacbe78a37f0e8a2926f01fecebd9e68a66f0e261f91276 |
|
| Details | sha256 | 4 | c80bd1c4a796b4d3944a097e96f384c85687daeedcdcf05cc885c8c9b279b09c |
|
| Details | sha256 | 5 | f47de978da1dbfc5e0f195745e3368d3ceef034e964817c66ba01396a1953d72 |
|
| Details | sha256 | 4 | f8a5e735d6e79eb587954a371515a82a15883cf2eda9d7ddb8938b86e714ea27 |
|
| Details | sha256 | 5 | fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73 |
|
| Details | sha256 | 4 | fd1b20ee5bd429046d3c04e9c675c41e9095bea70e0329bd32d7edd17ebaf68a |
|
| Details | sha256 | 4 | 144526d30ae747982079d5d340d1ff116a7963aba2e3ed589e7ebc297ba0c1b3 |
|
| Details | MITRE ATT&CK Techniques | 183 | T1036.005 |
|
| Details | MITRE ATT&CK Techniques | 297 | T1070.004 |
|
| Details | MITRE ATT&CK Techniques | 93 | T1070.006 |
|
| Details | MITRE ATT&CK Techniques | 86 | T1059.004 |
|
| Details | MITRE ATT&CK Techniques | 239 | T1106 |
|
| Details | MITRE ATT&CK Techniques | 12 | T1548.001 |
|
| Details | MITRE ATT&CK Techniques | 159 | T1095 |