Searching
..

Click anywhere to stop

Trojan.Win64.Miner.akje

Class Trojan
Platform Win64
Family Miner
Full name Trojan.Win64.Miner.akje
Examples 6DAEAD9F4A49790B600128C2A1228989
72EBFCD22ED5E16887EC1F12728E1FA7
4765A72CFA08307479A3BE8C19294759
5EB100AB8BB061D318AB6CB0162C18D7
57ACF88176C7D8138A7AF2C2C9FFA5E0
Updated at 2024-01-18 04:50:09
Tactics &
techniques MITRE*

TA0005 Defense Evasion

The adversary is trying to avoid being detected.


Defense Evasion consists of techniques that adversaries use to avoid detection throughout their compromise. Techniques used for defense evasion include uninstalling/disabling security software or obfuscating/encrypting data and scripts. Adversaries also leverage and abuse trusted processes to hide and masquerade their malware. Other tactics’ techniques are cross-listed here when those techniques include the added benefit of subverting defenses.


T1070.006 Indicator Removal: Timestomp

Adversaries may modify file time attributes to hide new or changes to existing files. Timestomping is a technique that modifies the timestamps of a file (the modify, access, create, and change times), often to mimic files that are in the same folder. This is done, for example, on files that have been modified or created by the adversary so that they do not appear conspicuous to forensic investigators or file analysis tools.

Timestomping may be used along with file name Masquerading to hide malware and tools.(Citation: WindowsIR Anti-Forensic Techniques)
* © 2024 The MITRE Corporation. This work is reproduced and distributed with the permission of The MITRE Corporation.
Find out the statistics of the threats spreading in your region