Static task: static1
Behavioral task: behavioral1
Sample: b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5
Resource: ubuntu-amd64
Behavioral task: behavioral2
Sample: b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5
Resource: debian9-mipsel
Behavioral task: behavioral3
Sample: b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5
Resource: debian9-mipsbe
General
Target: 6638926565638144.zip
Size: 17KB
MD5: f5b599c9b9539b11d338f8b05e9e2b08
SHA1: e32552622d19011e237aef01345e576e053443ea
SHA256: cdc055e60a275ac6b7309b2d84d1167237b32862b3967b4f2fb7417757596f50
SHA512: d5587f8eef8327e0f55ba2b0379056c18324fbbb28701915783973f4f67a0500430202e7a47b733d3a58b75f28123b64ae791f354bf77583045d93af5ac772f9
Malware Config
Signatures
Identified Kaiten Bot 1 IoCs
Processes:
resource yara_rule static1/unpack001/b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5 family_kaiten -
Kaiten family
Files
6638926565638144.zip.zip
Password: infected
b6f0203ddf24cd04489cbbed24059d84504a2ba904659681ad05b7d2c130d4b5.elf linux aarch64