kaiten | 2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45 | Triage

Sharing

General

Target

2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
Size

85KB
Sample

220507-lvjj8scdc8
MD5

748d51fd6cccb22ba62d8cbaf462fb7f
SHA1

5c579ae7cffacab534f0e8f3e4be7519fd007fbd
SHA256

2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
SHA512

926d2c27f4d3ae3e07b7653c092dabc64c7bb68ccfd45fb6ea500cf3813bd21257e431414eb8603981ad1687ba0b3b21d9da1808db267737ad1b62a6ad1760e7

Score

10^/10

kaiten linux persistence

Malware Config

Targets

- Target
  
  2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
- Size
  
  85KB
- MD5
  
  748d51fd6cccb22ba62d8cbaf462fb7f
- SHA1
  
  5c579ae7cffacab534f0e8f3e4be7519fd007fbd
- SHA256
  
  2da8b56168ac51cd505f3f98cec08a8840364d23cf5fd23b6b8fbbee33c86f45
- SHA512
  
  926d2c27f4d3ae3e07b7653c092dabc64c7bb68ccfd45fb6ea500cf3813bd21257e431414eb8603981ad1687ba0b3b21d9da1808db267737ad1b62a6ad1760e7
Score

8^/10

persistence
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1