kaiten | 5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb | Triage

Submit
Reports

Overview

overview

Static

static

5db5fc6bc5...89e9fb

debian-9-armhf

9

Sharing

General

Target

5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb
Size

142KB
Sample

220731-2j8yracdfj
MD5

26e621cf27a2db514ec901919fec4ff4
SHA1

778a2dbcd38ce7f0ea5267d4ae26f631f81a6db2
SHA256

5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb
SHA512

d3d029b1a0d0f1e1d19093878f2136cbb0274a13941a27ae11f290bb40b039e59b49c18be933383fb40457448219f86cec2e6de2adc526a2a633e9138acadf89

Score

10^/10

kaiten discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb

Resource

debian9-armhf-en-20211208

debian-9-armhf

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb
- Size
  
  142KB
- MD5
  
  26e621cf27a2db514ec901919fec4ff4
- SHA1
  
  778a2dbcd38ce7f0ea5267d4ae26f631f81a6db2
- SHA256
  
  5db5fc6bc58bea2897f6911cc9ae37c0db6c8430c4c7e816fe4a6bebe889e9fb
- SHA512
  
  d3d029b1a0d0f1e1d19093878f2136cbb0274a13941a27ae11f290bb40b039e59b49c18be933383fb40457448219f86cec2e6de2adc526a2a633e9138acadf89
Score

9^/10

discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Network Service Scanning

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy