General
-
Target
749eb7fd01d545c73582592fd8a78d632c9f66a57769d13484d1e1599b05a28c
-
Size
515KB
-
Sample
241027-r46c9aydjc
-
MD5
0a1b377a36e48b5a59d7cc3327c5a2d9
-
SHA1
76bc8feded70c1e72b828aed8c9087dcebf97886
-
SHA256
749eb7fd01d545c73582592fd8a78d632c9f66a57769d13484d1e1599b05a28c
-
SHA512
acf3efc430d95eb2fc67e78e8a4fad597b7199e63425d4f4e951ab2d85b5b855cf3963b1d84b855126215745c7c1986c55d397f35f1ba2a109d0e84b76fcadd1
-
SSDEEP
12288:IZ/Q8mhPZBXybwIIdQLAxCnNXsUKpH0fyXNGqvZ48B8dfQwD26N:4I8oxBL7+MxGCp5zR468pQe
Static task
static1
Behavioral task
behavioral1
Sample
749eb7fd01d545c73582592fd8a78d632c9f66a57769d13484d1e1599b05a28c
Resource
debian9-mipsel-20240611-en
Malware Config
Targets
-
-
Target
749eb7fd01d545c73582592fd8a78d632c9f66a57769d13484d1e1599b05a28c
-
Detects Kaiten/Tsunami Payload
-
Kaiten family
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Indicator Removal: Timestomp
Adversaries may remove indicators of compromise from the host to evade detection.
-