kaiten | e73ac8875a036941fa9b767739eb8456f3ca5c04a4441c453f0d920b821a6527

Analysis

max time kernel
0s
platform
debian-9_mipsel
resource
debian9-mipsel-20231222-en
resource tags

arch:mipselimage:debian9-mipsel-20231222-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
submitted
22/12/2023, 06:19

Target

752db954de22cc47d695a367d8e4c405
Size

19KB
MD5

752db954de22cc47d695a367d8e4c405
SHA1

b9ef1847fc519c8645a92baf9f45384c2a229b00
SHA256

e73ac8875a036941fa9b767739eb8456f3ca5c04a4441c453f0d920b821a6527
SHA512

9a1da432c9bc0a06e61e9e094ce971bf687bd50fe792540df71e20ad44f34089bbc29a3233a2446db10a32c014eaa9d0f06652592902a3b28d388874cba6540a
SSDEEP

384:P4ndook4jOeP/cnqwueMYTBJJpgOzmn06AlF2qShssWzZIiWvg0oe1SvL9Mc:P4ndoWjOw/JwueZlJJbzh6OormIi8oG+

Score

10^/10

kaiten botnet

Detects Kaiten/Tsunami Payload 1 IoCs

resource	yara_rule
behavioral1/memory/735-1-0x00400000-0x100008a0-memory.dmp	family_kaiten2

Detects Kaiten/Tsunami payload 1 IoCs

resource	yara_rule
behavioral1/memory/735-1-0x00400000-0x100008a0-memory.dmp	family_kaiten

Kaiten/Tsunami
Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
botnet kaiten

/tmp/752db954de22cc47d695a367d8e4c405
/tmp/752db954de22cc47d695a367d8e4c405
1⤵
PID:735