kaiten | 547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641 | Triage

Submit
Reports

Overview

overview

Static

static

547b175b0b...0d1641

debian-9-mips

8

Sharing

General

Target

547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641
Size

131KB
Sample

220725-xvsnpafebj
MD5

943f96d086f940f3c0b91ceb79a920f8
SHA1

1a8e43d4dde5745a258d4272c26a380520ef7a84
SHA256

547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641
SHA512

f81038d87271178fdaee42380be45b88a7f7effeeaaca8e12f6b505c0c15c4c27c851925f044d763d54f65ae9eed9d33147fbb6f3c3f4b00c4e81a3fa91809a7

Score

10^/10

kaiten persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641

Resource

debian9-mipsbe-en-20211208

debian-9-mips

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641
- Size
  
  131KB
- MD5
  
  943f96d086f940f3c0b91ceb79a920f8
- SHA1
  
  1a8e43d4dde5745a258d4272c26a380520ef7a84
- SHA256
  
  547b175b0ba72c54eafba7f3adefe57be23ccf272ba31aa66eebc73f9d0d1641
- SHA512
  
  f81038d87271178fdaee42380be45b88a7f7effeeaaca8e12f6b505c0c15c4c27c851925f044d763d54f65ae9eed9d33147fbb6f3c3f4b00c4e81a3fa91809a7
Score

8^/10

persistence
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Matrix ATT&CK v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Dynamic Resolution

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy