General
-
Target
d47a5da273175a5971638995146e8056
-
Size
44KB
-
Sample
231222-slrmtaabb8
-
MD5
d47a5da273175a5971638995146e8056
-
SHA1
a3dc8373171b19d410e9d63f4924425c082589ea
-
SHA256
ad9162326a496844c139082232e33015bca4fcd4d90c4747f0c356fd95a8891a
-
SHA512
86c1f4fceaef41bae7fd9c5ba561fbc316f66d74e4c1da2c92e8601a725e2eed73fa58cbc04e9455b9caabe01ed3ae89608c83e9d36596171f8444064e078110
-
SSDEEP
768:qRhqau1AvhmBFWWJCRgAatS7YeD6CLPvR8IwKKaU3amTkfzaJgGlzDpyuR1JT13c:QhqauKhALAgV0YSxhvw6CaevVcuRK3
Malware Config
Targets
-
-
Target
d47a5da273175a5971638995146e8056
-
Size
44KB
-
MD5
d47a5da273175a5971638995146e8056
-
SHA1
a3dc8373171b19d410e9d63f4924425c082589ea
-
SHA256
ad9162326a496844c139082232e33015bca4fcd4d90c4747f0c356fd95a8891a
-
SHA512
86c1f4fceaef41bae7fd9c5ba561fbc316f66d74e4c1da2c92e8601a725e2eed73fa58cbc04e9455b9caabe01ed3ae89608c83e9d36596171f8444064e078110
-
SSDEEP
768:qRhqau1AvhmBFWWJCRgAatS7YeD6CLPvR8IwKKaU3amTkfzaJgGlzDpyuR1JT13c:QhqauKhALAgV0YSxhvw6CaevVcuRK3
Score10/10-
Detects Kaiten/Tsunami Payload
-
Kaiten/Tsunami
Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
-
Writes DNS configuration
Writes data to DNS resolver config file.
-
Enumerates running processes
Discovers information about currently running processes on the system
-