kaiten | dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145 | Triage

Submit
Reports

Overview

overview

Static

static

7

b5a6bca187...97e478

debian-9-armhf

Sharing

General

Target

b5a6bca187a6a82ded6276494697e478
Size

49KB
Sample

231220-p9lvpacgal
MD5

b5a6bca187a6a82ded6276494697e478
SHA1

44540202c8712e4b7730999c7e12f8ae274c465d
SHA256

dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145
SHA512

9132cc1416f0933d1195e19cc9c2e924be6d0d0e3a909dd7d07e8d107b9ba0cc5ba21c578d66cb65ba0d396b534d4b39f5e006f8348a9c0a3aeb4b96a0680d2c
SSDEEP

768:uy0RsOlDx5GBbhzcapESDl/oWsynfuAxt74NIboblfO5vIawuZGq3UIVPfeRpO+t:kD0mapESDl/zfghJmIa7pVPUOm

Score

10^/10

kaiten botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b5a6bca187a6a82ded6276494697e478

Resource

debian9-armhf-20231215-en

debian-9-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b5a6bca187a6a82ded6276494697e478
- Size
  
  49KB
- MD5
  
  b5a6bca187a6a82ded6276494697e478
- SHA1
  
  44540202c8712e4b7730999c7e12f8ae274c465d
- SHA256
  
  dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145
- SHA512
  
  9132cc1416f0933d1195e19cc9c2e924be6d0d0e3a909dd7d07e8d107b9ba0cc5ba21c578d66cb65ba0d396b534d4b39f5e006f8348a9c0a3aeb4b96a0680d2c
- SSDEEP
  
  768:uy0RsOlDx5GBbhzcapESDl/oWsynfuAxt74NIboblfO5vIawuZGq3UIVPfeRpO+t:kD0mapESDl/zfghJmIa7pVPUOm
Score

10^/10

kaiten botnet
- Detects Kaiten/Tsunami Payload
- Detects Kaiten/Tsunami payload
- Kaiten/Tsunami
  Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
  botnet kaiten
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

© 2018-2025

Terms | Privacy