kaiten | f3c8c03a23b7a068a19624ff315850f95d0c7df4ee979c6819545300d9ed7899 | Triage

Submit
Reports

Overview

overview

Static

static

[A4-TL].elf

debian-9-armhf

9

Sharing

General

Target

[A4-TL].elf
Size

252KB
Sample

230227-nnvp2adc4x
MD5

bd872b0c4e26a915777a2745ceb03e01
SHA1

8cfd4e2cbae240bbd7903cf325afe50888705ccb
SHA256

f3c8c03a23b7a068a19624ff315850f95d0c7df4ee979c6819545300d9ed7899
SHA512

79e097212b39bf97a3d9f686aca3d3f0af4d6a71097aae2739742359087c2fa8740d833dc7f8bc20bc41be595e3ead64c1a78184161c509f0c6ab24fc1786f50
SSDEEP

6144:6V1Tvhr0NasK1i06F+GgQTCzB12I7Bxgmp5rwh6qkRpxPa:MVINasPb+G/212sjgmDwh6qkR/a

Score

10^/10

kaiten

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

[A4-TL].elf

Resource

debian9-armhf-20221111-en

debian-9-armhf

3 signatures

150 seconds

Malware Config

Targets

- Target
  
  [A4-TL].elf
- Size
  
  252KB
- MD5
  
  bd872b0c4e26a915777a2745ceb03e01
- SHA1
  
  8cfd4e2cbae240bbd7903cf325afe50888705ccb
- SHA256
  
  f3c8c03a23b7a068a19624ff315850f95d0c7df4ee979c6819545300d9ed7899
- SHA512
  
  79e097212b39bf97a3d9f686aca3d3f0af4d6a71097aae2739742359087c2fa8740d833dc7f8bc20bc41be595e3ead64c1a78184161c509f0c6ab24fc1786f50
- SSDEEP
  
  6144:6V1Tvhr0NasK1i06F+GgQTCzB12I7Bxgmp5rwh6qkRpxPa:MVINasPb+G/212sjgmDwh6qkR/a
Score

9^/10
- Writes file to system bin folder
- Write file to user bin folder
- Reads runtime system information
  Reads data from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Hijack Execution Flow

Privilege Escalation

Hijack Execution Flow

Defense Evasion

Hijack Execution Flow

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy