kaiten | 0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0 | Triage

Submit
Reports

Overview

overview

Static

static

0ae15ae0dd...08c6b0

linux_armhf

Sharing

General

Target

0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0
Size

121KB
Sample

220630-3mhfmsecd2
MD5

b36873274d88f9258c25c3eae43a6491
SHA1

5543552a7a35c0e05bfd631bf205c950fb2d19d8
SHA256

0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0
SHA512

fe51453b7df71d96a93d0ae3d50e3ed3e6590ca7505cc0e1ece630e0d818a5e77ce3683f7adfb2b7fe8c6fcd7be21de1cac53fda441a213cbe490a04ed900c6d

Score

10^/10

kaiten linux persistence suricata

Static task

static1

Behavioral task

behavioral1

Sample

0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0

Resource

debian9-armhf-en-20211208

persistence suricata

linux_armhf

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0
- Size
  
  121KB
- MD5
  
  b36873274d88f9258c25c3eae43a6491
- SHA1
  
  5543552a7a35c0e05bfd631bf205c950fb2d19d8
- SHA256
  
  0ae15ae0dd8888628e5b1e9f3f3a3d5bf9bbde44c2283568dbbcf69ea908c6b0
- SHA512
  
  fe51453b7df71d96a93d0ae3d50e3ed3e6590ca7505cc0e1ece630e0d818a5e77ce3683f7adfb2b7fe8c6fcd7be21de1cac53fda441a213cbe490a04ed900c6d
Score

10^/10

persistence suricata
- suricata: ET MALWARE IRC Nick change on non-standard port
  suricata: ET MALWARE IRC Nick change on non-standard port
  suricata
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

persistencesuricata

© 2018-2025

Terms | Privacy