Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)

A Linux rootkit that provides backdoor access and hides from defenders.

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Umbreon (2a18f5dd-40fc-444b-a7c6-85f94b3eee13)	Tool	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Rootkit - T1014 (0f20e3cb-245b-4a61-8a91-2d93f7cb0e9b)	Attack Pattern	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	Local Accounts - T1078.003 (fdc47f44-dd32-4b99-af5f-209f556f63c2)	Attack Pattern	1
Non-Application Layer Protocol - T1095 (c21d5a77-d422-4a69-acd7-2c53c1faa34b)	Attack Pattern	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Traffic Signaling - T1205 (451a9977-d255-43c9-b431-66de80130c8c)	Attack Pattern	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Umbreon (637000f7-4363-44e0-b795-9cfb7a3dc460)	Malpedia	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62)	Attack Pattern	Umbreon - S0221 (3d8e547d-9456-4f32-a895-dc86134e282f)	Malware	1
Umbreon (2a18f5dd-40fc-444b-a7c6-85f94b3eee13)	Tool	Umbreon (637000f7-4363-44e0-b795-9cfb7a3dc460)	Malpedia	2
Valid Accounts - T1078 (b17a1a56-e99c-403c-8948-561df0cffe81)	Attack Pattern	Local Accounts - T1078.003 (fdc47f44-dd32-4b99-af5f-209f556f63c2)	Attack Pattern	2
Command and Scripting Interpreter - T1059 (7385dfaf-6886-4229-9ecd-6fd678040830)	Attack Pattern	Windows Command Shell - T1059.003 (d1fcf083-a721-4223-aedf-bf8960798d62)	Attack Pattern	2