kaiten | 0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe | Triage

Submit
Reports

Overview

overview

Static

static

0000e2fed3...6ae5fe

linux_amd64

7

Sharing

General

Target

0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
Size

47KB
Sample

220525-bqa27aebd8
MD5

d6b2df486692cbf7e088a245e5bb7aea
SHA1

351f1bd5b513ba5fef228c9bd3f3d36391a42038
SHA256

0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
SHA512

8746355ddba21ae88e179b4ba59e8350b85a54404326af8cbe598c8ad7576b2dd173f46b171c01310424717cc66aa4da5a4e3ad75e67c382c8fadf79f7df29f7

Score

10^/10

kaiten linux persistence

Static task

static1

Behavioral task

behavioral1

Sample

0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe

Resource

ubuntu1804-amd64-en-20211208

linux_amd64

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
- Size
  
  47KB
- MD5
  
  d6b2df486692cbf7e088a245e5bb7aea
- SHA1
  
  351f1bd5b513ba5fef228c9bd3f3d36391a42038
- SHA256
  
  0000e2fed3bad7d994fd0a25003269ce4531d636a21cec204021754bc16ae5fe
- SHA512
  
  8746355ddba21ae88e179b4ba59e8350b85a54404326af8cbe598c8ad7576b2dd173f46b171c01310424717cc66aa4da5a4e3ad75e67c382c8fadf79f7df29f7
Score

7^/10

persistence
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy