General

  • Target

    e466d2f7b23f6d62b309989f1828d734

  • Size

    62KB

  • Sample

    231220-tqjnfabec6

  • MD5

    e466d2f7b23f6d62b309989f1828d734

  • SHA1

    c0dbfca2caf98c99d48e8c99bb306ec32d084001

  • SHA256

    20e6d42c34c5d986e83f834df3bb475a1df49acdb4e6fa332a86a45b423ff850

  • SHA512

    cf8a727c514273379a78798e439239baacfde459a9d0d64619a712e8959336b2a747f4912b918ef9415ebcddf280ca6598564f5fa59a00a420957b99762c6dd2

  • SSDEEP

    768:vYPjLmGo1TW7QXgdRv4r5J8+/DBW1DR/Whzeq5TflWsL3JgGlzDpYuR1JQHRkAg3:AvmG8i7Qwn4lJTC9YjlWq1VGu2RW

Score
10/10

Targets

    • Detects Kaiten/Tsunami Payload

    • Kaiten/Tsunami

      Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.

    • Writes DNS configuration

      Writes data to DNS resolver config file.

    • Enumerates running processes

      Discovers information about currently running processes on the system.
