General
Target: 2a02cf799a0231ff1faf3f5a02f4399fbe4492f0d68081e27f93c181b37731f1
Size: 510KB
Sample: 241020-jmcevayfnr
MD5: 5d75670fdc5531ef09ec12de7fa8ab34
SHA1: 8695057628cf9a12f97e260694dbfc50138cf0dd
SHA256: 2a02cf799a0231ff1faf3f5a02f4399fbe4492f0d68081e27f93c181b37731f1
SHA512: 6fd21a9554f00e4ab77401048a6a6361b1aa0c991ddfdd8a2b4938f4f95690dbd62c5c3b56b819fce10c0953a56a2e99d7d618778f269c5dd496e87ee7c91ea1
SSDEEP: 12288:6N/85i/pHqAyIJQenHqDsOnXRQI6Z6udA56hsrIr5H+NIG/:oQcpKLK7oan7d00r5eX
Static task: static1
Behavioral task: behavioral1
Sample: 2a02cf799a0231ff1faf3f5a02f4399fbe4492f0d68081e27f93c181b37731f1
Resource: debian9-mipsbe-20240611-en
Malware Config
Targets
Target: 2a02cf799a0231ff1faf3f5a02f4399fbe4492f0d68081e27f93c181b37731f1
- Detects Kaiten/Tsunami Payload
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
- Enumerates running processes
  Discovers information about currently running processes on the system
- Indicator Removal: Timestomp
  Adversaries may remove indicators of compromise from the host to evade detection.