General

  • Target

    3a83ed9b56a4e6abd59a1b7306da751d

  • Size

    62KB

  • Sample

    231219-2ylf1agagp

  • MD5

    3a83ed9b56a4e6abd59a1b7306da751d

  • SHA1

    13f5eb7fc4fc278a93d5a143b5e770ae01db52a2

  • SHA256

    4e47e795c169cf0cf3b093e98fe7c020117095451f4a899ebdd17077979e07ee

  • SHA512

    3bdb4ae1aa4de3069725ba8f8b1c9f0aad1141eea83efe01bf1568df492b2bb461ec05d1a7aafa80b4011d66aec3f37770fbcc6207e6de5032fdaa9e6b4bd2d6

  • SSDEEP

    768:8obxF369aOBtJ1I2ySD+Wvhx5f4fwoooagBBdiRN08VTR8QRp8ox0BZAGKOV4fGV:VDK4inxyGz5Qfsoa0Ad8sfQA4eKp+Mdz

Score
10/10

Malware Config

Targets

    • Detects Kaiten/Tsunami payload

    • Kaiten/Tsunami

      Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.

    • Modifies password files for system users/groups

      Modifies files storing password hashes of existing users/groups, likely to grant additional privileges.

    • Adds a user to the system

MITRE ATT&CK Enterprise v15

Tasks