kaiten | 2c5a06c6c80b140b78d86814de667ff3859433c3e893a59deb91c9a27c9b0064 | Triage

Sharing

General

Target

2c5a06c6c80b140b78d86814de667ff3859433c3e893a59deb91c9a27c9b0064
Size

127KB
Sample

220614-21syvsddf4
MD5

39ae1df17efb129212ae7596e8dbc65c
SHA1

779662fd9456bb67a591f4c3f4e73871c5c0ef6c
SHA256

2c5a06c6c80b140b78d86814de667ff3859433c3e893a59deb91c9a27c9b0064
SHA512

48944fa8f3758471d5410634634a9500fcaeb35b32ae3f6db44c2d486956696dc1639a2b5c01084ebf394f869c1c4d10616a0e96cba0cca7e7ef6c086d79e080

Score

10^/10

kaiten linux persistence

Malware Config

Targets

- Target
  
  2c5a06c6c80b140b78d86814de667ff3859433c3e893a59deb91c9a27c9b0064
- Size
  
  127KB
- MD5
  
  39ae1df17efb129212ae7596e8dbc65c
- SHA1
  
  779662fd9456bb67a591f4c3f4e73871c5c0ef6c
- SHA256
  
  2c5a06c6c80b140b78d86814de667ff3859433c3e893a59deb91c9a27c9b0064
- SHA512
  
  48944fa8f3758471d5410634634a9500fcaeb35b32ae3f6db44c2d486956696dc1639a2b5c01084ebf394f869c1c4d10616a0e96cba0cca7e7ef6c086d79e080
Score

7^/10

persistence
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1