kaiten | 46389c117c5f41b60e10f965b3674b3b77189b504b0aeb5c2da67adf55a7129f | Triage

Submit
Reports

Overview

overview

Static

static

pty10

linux_armhf

Sharing

General

Target

pty10
Size

1.6MB
Sample

220425-3xfpssdgfp
MD5

0abc01de8962867957bca89f6bd4c10e
SHA1

a7b49698f0562b887d1c5b96272b50e9e13cba80
SHA256

46389c117c5f41b60e10f965b3674b3b77189b504b0aeb5c2da67adf55a7129f
SHA512

508fec5f009bfe080ce31b510c21cbe22caa83a4b82c44786f08c53ac04e290d10c0efe4f71ac88b33946e6c7fec2665fbc221adf08af5e428f8c1df17777318

Score

10^/10

kaiten linux persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

pty10

Resource

debian9-armhf-en-20211208

persistence suricata

linux_armhf

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  pty10
- Size
  
  1.6MB
- MD5
  
  0abc01de8962867957bca89f6bd4c10e
- SHA1
  
  a7b49698f0562b887d1c5b96272b50e9e13cba80
- SHA256
  
  46389c117c5f41b60e10f965b3674b3b77189b504b0aeb5c2da67adf55a7129f
- SHA512
  
  508fec5f009bfe080ce31b510c21cbe22caa83a4b82c44786f08c53ac04e290d10c0efe4f71ac88b33946e6c7fec2665fbc221adf08af5e428f8c1df17777318
Score

10^/10

persistence suricata
- suricata: ET MALWARE ELF/Muhstik Botnet CnC Activity
  suricata: ET MALWARE ELF/Muhstik Botnet CnC Activity
  suricata
- Writes file to system bin folder
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
- Writes file to tmp directory
  Malware often drops required files in the /tmp directory.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Hijack Execution Flow

Privilege Escalation

Boot or Logon Autostart Execution

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencesuricata

© 2018-2025

Terms | Privacy