General
-
Target
irq2
-
Size
515KB
-
Sample
241027-ntldjsvlfm
-
MD5
2ad737fb9e6ce08a164ddb8386f19b16
-
SHA1
86e87501edbdb8b6ee6ada9497ba2b62d741decc
-
SHA256
8e9cd77c31ba14b925208fa5e3d9f5675909f0a5ebc2399bdd9e36279314abd1
-
SHA512
068f4f7659c1d29ac0a6510e591100fba7fa1ffc445db21ce6487d77c8b34370fce3a24b4e9ff18b8910757123f593342dd80e473c0e337e7fa504eb3a13754f
-
SSDEEP
12288:v/J7M48SdpPK0RkLbZLn4nQdVV05tXqozEpwK9:HplxmLbJ4sY5tlzuv
Static task
static1
Behavioral task
behavioral1
Sample
irq2
Resource
debian12-mipsel-20240221-en
Malware Config
Targets
-
-
Target
irq2
-
Detects Kaiten/Tsunami Payload
-
Kaiten family
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Indicator Removal: Timestomp
Adversaries may remove indicators of compromise from the host to evade detection.
-