kaiten | 032e9a22f73d548479fc9cc94e9b8512275d053e419262a4f500c7736001741f | Triage

Submit
Reports

Overview

overview

Static

static

1

8db93a1c37...kes118

debian-9-mipsel

Sharing

General

Target

8db93a1c37558cb87760ef0b443c7365_JaffaCakes118
Size

33KB
Sample

240812-hkm8wstglg
MD5

8db93a1c37558cb87760ef0b443c7365
SHA1

54d760fdb8309b6e08a94bc2c8631d930e16676a
SHA256

032e9a22f73d548479fc9cc94e9b8512275d053e419262a4f500c7736001741f
SHA512

7ab49f2f612cd872a8571da339ae8881c7837e7daec2d8fbb5b7ab651ff9334c8100bde2289c703308d00d4738eb67fc9835a067599b58c9aea70ec02b3204c1
SSDEEP

768:6JxbYLs+mQh5hKMKuNmeY8Pzq+PbDf6Wb:wv+VcMKuNDzqgbjD

Score

10^/10

kaiten botnet persistence

Static task

static1

Behavioral task

behavioral1

Sample

8db93a1c37558cb87760ef0b443c7365_JaffaCakes118

Resource

debian9-mipsel-20240729-en

kaiten botnet persistence

debian-9-mipsel

5 signatures

150 seconds

Malware Config

Targets

- Target
  
  8db93a1c37558cb87760ef0b443c7365_JaffaCakes118
- Size
  
  33KB
- MD5
  
  8db93a1c37558cb87760ef0b443c7365
- SHA1
  
  54d760fdb8309b6e08a94bc2c8631d930e16676a
- SHA256
  
  032e9a22f73d548479fc9cc94e9b8512275d053e419262a4f500c7736001741f
- SHA512
  
  7ab49f2f612cd872a8571da339ae8881c7837e7daec2d8fbb5b7ab651ff9334c8100bde2289c703308d00d4738eb67fc9835a067599b58c9aea70ec02b3204c1
- SSDEEP
  
  768:6JxbYLs+mQh5hKMKuNmeY8Pzq+PbDf6Wb:wv+VcMKuNDzqgbjD
Score

10^/10

kaiten botnet persistence
- Detects Kaiten/Tsunami Payload
- Kaiten/Tsunami
  Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
  botnet kaiten
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  persistence
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Persistence

Scheduled Task/Job

Privilege Escalation

Scheduled Task/Job

Defense Evasion

Credential Access

Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kaitenbotnetpersistence

© 2018-2024

Terms | Privacy