kaiten | 8a04585157033b86cb2c104f441d236bc3255b46127355f8342b75ab40eb3e35 | Triage

Submit
Reports

Overview

overview

Static

static

syslogd.elf

ubuntu-18.04-amd64

8

Sharing

General

Target

syslogd.elf
Size

44KB
Sample

220913-pxb5qaffb3
MD5

1ded4ed94ab31f1a3bba3a50cfa7238f
SHA1

3fb8835b17c23c3cce6fec7c77e5e42fd44acd87
SHA256

8a04585157033b86cb2c104f441d236bc3255b46127355f8342b75ab40eb3e35
SHA512

1362961fba8d2713b181b8bde83846bd4cb125ed7afff38e291dc2bc2e0c74e21fcba577d4dc29d5444618c9d36ea11e937017cf4df2da1e5169028f15da4927
SSDEEP

768:mLI6Ht4nOWc8v51zf00pSf5XMRkX+hCh25mD3dFxfrWfiAgWiKIi:3kt+OWc8v51zf00pSf5XMRQYCh25mtrK

Score

10^/10

kaiten linux persistence

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

syslogd.elf

Resource

ubuntu1804-amd64-en-20211208

ubuntu-18.04-amd64

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  syslogd.elf
- Size
  
  44KB
- MD5
  
  1ded4ed94ab31f1a3bba3a50cfa7238f
- SHA1
  
  3fb8835b17c23c3cce6fec7c77e5e42fd44acd87
- SHA256
  
  8a04585157033b86cb2c104f441d236bc3255b46127355f8342b75ab40eb3e35
- SHA512
  
  1362961fba8d2713b181b8bde83846bd4cb125ed7afff38e291dc2bc2e0c74e21fcba577d4dc29d5444618c9d36ea11e937017cf4df2da1e5169028f15da4927
- SSDEEP
  
  768:mLI6Ht4nOWc8v51zf00pSf5XMRkX+hCh25mD3dFxfrWfiAgWiKIi:3kt+OWc8v51zf00pSf5XMRQYCh25mtrK
Score

8^/10

persistence
- Modifies hosts file
  Adds to hosts file used for mapping hosts to IP addresses.
- Writes DNS configuration
  Writes data to DNS resolver config file.
- Modifies rc script
  Adding/modifying system rc scripts is a common persistence mechanism.
  persistence
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Boot or Logon Autostart Execution

Privilege Escalation

Boot or Logon Autostart Execution

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Dynamic Resolution

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy