Malware Analysis Report

2024-12-01 00:48

Sample ID 210910-r13sysddap
Target 6638926565638144.zip
SHA256 cdc055e60a275ac6b7309b2d84d1167237b32862b3967b4f2fb7417757596f50
Tags
kaiten
score
10/10

Table of Contents

Analysis Overview

MITRE ATT&CK

Analysis: static1

Detonation Overview

Signatures

Analysis: behavioral3

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral1

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis: behavioral2

Detonation Overview

Command Line

Signatures

Processes

Network

Files

Analysis Overview

score
10/10

SHA256

cdc055e60a275ac6b7309b2d84d1167237b32862b3967b4f2fb7417757596f50

Threat Level: Known bad

The file 6638926565638144.zip was found to be: Known bad.

Malicious Activity Summary

kaiten

Kaiten family

Identified Kaiten Bot

MITRE ATT&CK

N/A

Analysis: static1

Detonation Overview

Reported

2021-09-10 14:40

Signatures

Identified Kaiten Bot

Description Indicator Process Target
N/A N/A N/A N/A

Kaiten family

kaiten

Analysis: behavioral3

Detonation Overview

Submitted

2021-09-10 14:40

Reported

2021-09-10 14:40

Platform

debian9-mipsbe

Command Line

[./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5]

Signatures

N/A

Processes

./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5

[./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5]

Network

N/A

Files

N/A

Analysis: behavioral1

Detonation Overview

Submitted

2021-09-10 14:40

Reported

2021-09-10 14:40

Platform

ubuntu-amd64

Max time kernel

0s

Max time network

1s

Command Line

[./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5]

Signatures

N/A

Processes

./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5

[./b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5]

Network

Country Destination Domain Proto
US 1.1.1.1:53 changelogs.ubuntu.com udp
US 1.1.1.1:53 changelogs.ubuntu.com udp
GB 91.189.88.185:443 changelogs.ubuntu.com tcp

Files

N/A

Analysis: behavioral2

Detonation Overview

Submitted

2021-09-10 14:40

Reported

2021-09-10 14:41

Platform

debian9-mipsel

Command Line

N/A

Signatures

N/A

Processes

N/A

Network

N/A

Files

N/A