kaiten | 21ad07db066936bcec2b7118ae378bf626ab22dd9dc92cc85a6f1b74dca8339e | Triage

Submit
Reports

Overview

overview

Static

static

knight.c

windows10-2004-x64

Resubmissions

24-05-2023 16:12

230524-tnkgysdg6x 10

11-05-2023 16:02

230511-tg24esad6x 10

Sharing

General

Target

knight.c
Size

34KB
Sample

230524-tnkgysdg6x
MD5

30aded215fadd9c85bfcb92da55f8fd4
SHA1

0dec38ef672e09b22902271b6f5599277d10f932
SHA256

21ad07db066936bcec2b7118ae378bf626ab22dd9dc92cc85a6f1b74dca8339e
SHA512

00524d77dd051833d93a5b1d655cfcd0d2a173971a48b5b4d1a96ff39f690e1eeba8ad62103e5084af2a96c26b040c9b3ae27cdfdcc2e1deb49af186957719ac
SSDEEP

384:nwUhD+2siWH7kZ9fmNIVkVTP6uCumiQCuolbafAx2pQ4Q26Wv7xOsUvSYl+:nfhD+87VkJp6pQxNQxSvl+

Score

10^/10

kaiten botnet

Static task

static1

2 signatures

Behavioral task

behavioral1

Sample

knight.c

Resource

win10v2004-20230221-en

windows10-2004-x64

12 signatures

1800 seconds

Malware Config

Targets

- Target
  
  knight.c
- Size
  
  34KB
- MD5
  
  30aded215fadd9c85bfcb92da55f8fd4
- SHA1
  
  0dec38ef672e09b22902271b6f5599277d10f932
- SHA256
  
  21ad07db066936bcec2b7118ae378bf626ab22dd9dc92cc85a6f1b74dca8339e
- SHA512
  
  00524d77dd051833d93a5b1d655cfcd0d2a173971a48b5b4d1a96ff39f690e1eeba8ad62103e5084af2a96c26b040c9b3ae27cdfdcc2e1deb49af186957719ac
- SSDEEP
  
  384:nwUhD+2siWH7kZ9fmNIVkVTP6uCumiQCuolbafAx2pQ4Q26Wv7xOsUvSYl+:nfhD+87VkJp6pQxNQxSvl+
Score

10^/10

kaiten botnet
- Detects Kaiten/Tsunami Payload
- Kaiten/Tsunami
  Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
  botnet kaiten
behavioral1

MITRE ATT&CK Enterprise v6

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

Query Registry

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy