kaiten | dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145 | Triage

Submit
Reports

Overview

overview

Static

static

7

b5a6bca187...97e478

debian-9-armhf

Sharing

General

Target

b5a6bca187a6a82ded6276494697e478
Size

49KB
Sample

231220-p9lvpacgal
MD5

b5a6bca187a6a82ded6276494697e478
SHA1

44540202c8712e4b7730999c7e12f8ae274c465d
SHA256

dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145
SHA512

9132cc1416f0933d1195e19cc9c2e924be6d0d0e3a909dd7d07e8d107b9ba0cc5ba21c578d66cb65ba0d396b534d4b39f5e006f8348a9c0a3aeb4b96a0680d2c
SSDEEP

768:uy0RsOlDx5GBbhzcapESDl/oWsynfuAxt74NIboblfO5vIawuZGq3UIVPfeRpO+t:kD0mapESDl/zfghJmIa7pVPUOm

Score

10^/10

kaiten botnet upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

b5a6bca187a6a82ded6276494697e478

Resource

debian9-armhf-20231215-en

debian-9-armhf

6 signatures

150 seconds

Malware Config

Targets

- Target
  
  b5a6bca187a6a82ded6276494697e478
- Size
  
  49KB
- MD5
  
  b5a6bca187a6a82ded6276494697e478
- SHA1
  
  44540202c8712e4b7730999c7e12f8ae274c465d
- SHA256
  
  dc2e1628ee9f18b3a8740bd36bc1f6aa5e3c506822ec5bbac306a8f3d2140145
- SHA512
  
  9132cc1416f0933d1195e19cc9c2e924be6d0d0e3a909dd7d07e8d107b9ba0cc5ba21c578d66cb65ba0d396b534d4b39f5e006f8348a9c0a3aeb4b96a0680d2c
- SSDEEP
  
  768:uy0RsOlDx5GBbhzcapESDl/oWsynfuAxt74NIboblfO5vIawuZGq3UIVPfeRpO+t:kD0mapESDl/zfghJmIa7pVPUOm
Score

10^/10

kaiten botnet
- Detects Kaiten/Tsunami Payload
- Detects Kaiten/Tsunami payload
- Kaiten/Tsunami
  Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
  botnet kaiten
behavioral1

MITRE ATT&CK Matrix ATT&CK v13

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Exfiltration

Command and Control

Impact

Resource Development

Reconnaissance

Tasks

static1

behavioral1

© 2018-2024

Terms | Privacy