kaiten | 3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6 | Triage

Submit
Reports

Overview

overview

Static

static

3dd598c51b...aedca6

linux_mips

7

Sharing

General

Target

3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6
Size

124KB
Sample

220701-rm5emafghj
MD5

57acd79a0687f0a7655652599a2bfe93
SHA1

23416b88af0d716d93cb69daea62371b40c36df4
SHA256

3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6
SHA512

f1bedf286d56efc20d68d309033da122eac1c9caa3d8de86efc7ede48620bca60106e7762d5c18c90a57b4b81e390b0a7a9574b0511d13dd2fe952e849aa610d

Score

10^/10

kaiten linux persistence

Static task

static1

Behavioral task

behavioral1

Sample

3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6

Resource

debian9-mipsbe-en-20211208

linux_mips

0 signatures

0 seconds

Malware Config

Targets

- Target
  
  3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6
- Size
  
  124KB
- MD5
  
  57acd79a0687f0a7655652599a2bfe93
- SHA1
  
  23416b88af0d716d93cb69daea62371b40c36df4
- SHA256
  
  3dd598c51b6d2956a614a3b74cb021795377981e8dab2087ecd0bb2d3caedca6
- SHA512
  
  f1bedf286d56efc20d68d309033da122eac1c9caa3d8de86efc7ede48620bca60106e7762d5c18c90a57b4b81e390b0a7a9574b0511d13dd2fe952e849aa610d
Score

7^/10

persistence
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
- Reads system network configuration
  Uses contents of /proc filesystem to enumerate network settings.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy