SYMBOLCOMMON_NAMEaka. SYNONYMS
elf.orbit (Back to overview)

OrBit

According to stormshield, Orbit is a two-stage malware that appeared in July 2022, discovered by Intezer lab. Acting as a stealer and backdoor on 64-bit Linux systems, it consists of an executable acting as a dropper and a dynamic library.

References
2022-07-06IntezerNicole Fishbein
@online{fishbein:20220706:orbit:eacf07e, author = {Nicole Fishbein}, title = {{OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow}}, date = {2022-07-06}, organization = {Intezer}, url = {https://www.intezer.com/blog/incident-response/orbit-new-undetected-linux-threat/}, language = {English}, urldate = {2022-07-12} } OrBit: New Undetected Linux Threat Uses Unique Hijack of Execution Flow
HiddenWasp OrBit Symbiote

There is no Yara-Signature yet.