Analysis Overview
score
10/10
SHA256
0eef04af376d3a676ae0dd4d372f906e2cb65235beff38c7f1db787b93b1e8b7
Threat Level: Known bad
The file ns3 was found to be: Known bad.
Malicious Activity Summary
Detects Kaiten/Tsunami Payload
Detects Kaiten/Tsunami payload
Kaiten family
MITRE ATT&CK
N/A
Analysis: static1
Detonation Overview
Reported
2024-10-05 08:29
Signatures
Detects Kaiten/Tsunami Payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Detects Kaiten/Tsunami payload
| Description | Indicator | Process | Target |
| N/A | N/A | N/A | N/A |
Kaiten family
Analysis: behavioral1
Detonation Overview
Submitted
2024-10-05 08:29
Reported
2024-10-05 08:31
Platform
ubuntu2204-amd64-20240611-en
Max time kernel
64s
Max time network
68s
Command Line
[/tmp/ns3]
Signatures
N/A
Processes
/tmp/ns3
[/tmp/ns3]
Network
Files
N/A