Derusbi

MITRE

Tipo Malware:
Other

Prima attivita:
Unknown

Ultima attivita:
Unknown

Dettagli:

[Derusbi](https://attack.mitre.org/software/S0021) is malware used by multiple Chinese APT groups.(Citation: Novetta-Axiom)(Citation: ThreatConnect Anthem) Both Windows and Linux variants have been observed.(Citation: Fidelis Turbo)

Tecniche Associate (18)

ID	ATT&CK	Tattiche
T1008	Fallback Channels	-
T1012	Query Registry	-
T1033	System Owner/User Discovery	-
T1055.001	Dynamic-link Library Injection	-
T1056.001	Keylogging	-
T1057	Process Discovery	-
T1059.004	Unix Shell	-
T1070.004	File Deletion	-
T1070.006	Timestomp	-
T1082	System Information Discovery	-
T1083	File and Directory Discovery	-
T1095	Non-Application Layer Protocol	-
T1113	Screen Capture	-
T1123	Audio Capture	-
T1125	Video Capture	-

Alias (105)

PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO PHOTO

Usato da Attori (4)

APT41
Nation-state

Axiom
Unknown

Deep Panda
Unknown

Leviathan
Unknown

Metadata

ID:	420
Created:	13/01/2026 17:48
Updated:	06/03/2026 16:00