Skip to content

Files

Latest commit

eset-researchnyx0
eset-research
and
nyx0
Added IoCs for bootkitty
Nov 26, 2024
9431ee8 · Nov 26, 2024

History

History

bootkitty

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
README.adoc
README.adoc
Nov 26, 2024
samples.md5
samples.md5
Nov 26, 2024
samples.sha1
samples.sha1
Nov 26, 2024
samples.sha256
samples.sha256
Nov 26, 2024

README.adoc

Bootkitty: Analyzing the first UEFI bootkit for Linux — Indicators of Compromise

The blog post on Bootkitty: Analyzing the first UEFI bootkit for Linux is available on WeLiveSecurity at https://www.welivesecurity.com/en/eset-research/bootkitty-analyzing-first-uefi-bootkit-linux/

ESET detection names

  • EFI/Agent.A

  • Linux/Rootkit.Agent.FM

Host based indicators

SHA-1 hashes

35ADF3AED60440DA7B80F3C452047079E54364C1
BDDF2A7B3152942D3A829E63C03C7427F038B86D
E8AF4ED17F293665136E17612D856FA62F96702D