Malware: Skidmap

Description

[Skidmap](https://attack.mitre.org/software/S0468) is a kernel-mode rootkit used for cryptocurrency mining.(Citation: Trend Micro Skidmap)

External References

• mitre-attack
• Trend Micro Skidmap

Techniques Used by This Malware

• T1014 — Rootkit
• T1027.013 — Encrypted/Encoded File
• T1036.005 — Match Legitimate Resource Name or Location
• T1053.003 — Cron
• T1057 — Process Discovery
• T1059.004 — Unix Shell
• T1082 — System Information Discovery
• T1083 — File and Directory Discovery
• T1098.004 — SSH Authorized Keys
• T1105 — Ingress Tool Transfer
• T1140 — Deobfuscate/Decode Files or Information
• T1496.001 — Compute Hijacking
• T1518.001 — Security Software Discovery
• T1547.006 — Kernel Modules and Extensions
• T1556.003 — Pluggable Authentication Modules
• T1562.001 — Disable or Modify Tools