kaiten | ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513 | Triage

Submit
Reports

Overview

overview

Static

static

ac85c87519...54b513

ubuntu-18.04-amd64

8

Sharing

General

Target

ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
Size

101KB
Sample

220725-extdwsech8
MD5

75365fdb62e5047f16907f7db3142afb
SHA1

edc5cf10aff694010839e8652e0bd08686934ecb
SHA256

ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
SHA512

de669973feb75d85207b90009d31ad1e951dd92db787b5f8a70ba601fd098587cb2213a9ac69f760f72890d30d5c931e73add6125f8bbdd5a5af83576674a80b

Score

10^/10

kaiten persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
- Size
  
  101KB
- MD5
  
  75365fdb62e5047f16907f7db3142afb
- SHA1
  
  edc5cf10aff694010839e8652e0bd08686934ecb
- SHA256
  
  ac85c87519f9741538735a4f6ef63f5cdf3517d89edd95abd93a436a0354b513
- SHA512
  
  de669973feb75d85207b90009d31ad1e951dd92db787b5f8a70ba601fd098587cb2213a9ac69f760f72890d30d5c931e73add6125f8bbdd5a5af83576674a80b
Score

8^/10

persistence
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy