General

  • Target

    linux_amd64.elf

  • Size

    5.2MB

  • Sample

    241108-lcjghszemh

  • MD5

    4cd555a733590bc0c010d8b0501d9dc3

  • SHA1

    8947c3630cac9deb2d308c4e6091730cc565847c

  • SHA256

    594593f96be084f84fa223088079ff5fc4ddfcb457cd52f972c844259bddb95a

  • SHA512

    8932c140fe37fbe2114cac0f990a18b92a9e7b756febbbd37a1f092880b6bdead9a7710abd834cfe7cb39c33f9dc5f467f984be325b653ade6a43ea0b05cdd63

  • SSDEEP

    49152:7Xa6xzZWhrb/T4vO90dL3BmAFd4A64nsfJPJ6TdXnT9aqeJaz2xNkapDnYRQoj1p:b2ONLBzSxtST9ElHz

Malware Config

Extracted

Family

kaiji

C2

154.201.84.237:7850

Targets

    • Kaiji

      Kaiji payload

    • Kaiji family

    • kaiji_chaosbot

      Chaos-variant payload

    • Executes dropped EXE

    • Modifies Watchdog functionality

      Malware such as Mirai opens /dev/watchdog and disables the hardware watchdog so that it does not reboot the infected device (and clear the in-memory infection) when the system hangs.

    • Creates/modifies Cron job

      Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    • Creates/modifies environment variables

      Environment variables that survive a new login (typically set from shell profile or startup files) are a common persistence mechanism.

    • Enumerates running processes

      Discovers information about the processes currently running on the system.

    • Modifies init.d

      Adds or modifies a System V init script, likely for persistence.

    • Modifies systemd

      Adds or modifies systemd service unit files, likely to achieve persistence.

    • Writes file to user bin folder

    • Modifies Bash startup script
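The cron, init.d, systemd and Bash-startup persistence signatures above are exactly the places a responder checks on a suspected Kaiji host. The script below is an added example (not sandbox output and not code from the sample): it scans the text of those files for entries that reference a binary whose SHA256 matches the IOC in this report, a hidden (dot-prefixed) path, a world-writable staging directory such as /tmp, or the C2 address. The sample files, the hidden file names and the service name in SAMPLE_FILES are constructed for the demonstration and are not claims about what this particular sample writes to disk.

```python
"""Hunt for the Linux persistence mechanisms this report lists for Kaiji:
cron jobs, systemd units, init.d scripts and Bash startup files.

scan() takes plain dicts so it runs offline on constructed samples;
scan_live_host() feeds it the real filesystem instead.
"""
import hashlib
import os
import re
from typing import Dict, List, Optional, Tuple

# Indicators copied from the report above.
KAIJI_SHA256 = "594593f96be084f84fa223088079ff5fc4ddfcb457cd52f972c844259bddb95a"
KAIJI_C2_IP = "154.201.84.237"

# Persistence locations, grouped by the mechanism names the report uses.
CRON_DIRS = ("/etc/crontab", "/etc/cron.d", "/etc/cron.hourly", "/etc/cron.daily", "/var/spool/cron")
SYSTEMD_DIRS = ("/etc/systemd/system", "/usr/lib/systemd/system", "/lib/systemd/system")
INITD_DIRS = ("/etc/init.d", "/etc/rc.local")
BASH_FILES = ("/etc/profile", "/etc/bash.bashrc")
BASH_BASENAMES = {".bashrc", ".bash_profile", ".bash_login", ".profile"}
STAGING_DIRS = ("/tmp/", "/var/tmp/", "/dev/shm/")

ABS_PATH = re.compile(r"(?<![\w.])/[\w.-]+(?:/[\w.-]+)*")  # absolute paths inside a line

Finding = Tuple[str, str, str, str]  # (mechanism, file, reason, offending line)


def classify(path: str) -> Optional[str]:
    """Map a file path to the persistence mechanism it belongs to, or None if irrelevant."""
    if path.startswith(CRON_DIRS):
        return "cron"
    if path.startswith(SYSTEMD_DIRS):
        return "systemd"
    if path.startswith(INITD_DIRS):
        return "init.d"
    if path.startswith(BASH_FILES) or os.path.basename(path) in BASH_BASENAMES:
        return "bash-startup"
    return None


def suspicious_reasons(exe: str, hashes: Dict[str, str]) -> List[str]:
    """Why a referenced path deserves a look; an empty list means benign under these rules."""
    reasons = []
    if hashes.get(exe) == KAIJI_SHA256:
        reasons.append("sha256 matches the Kaiji IOC")
    if any(p.startswith(".") and p not in (".", "..") for p in exe.split("/")):
        reasons.append("hidden (dot-prefixed) path component")
    if exe.startswith(STAGING_DIRS):
        reasons.append("runs from a world-writable staging directory")
    return reasons


def scan(files: Dict[str, str], hashes: Dict[str, str]) -> List[Finding]:
    """files: path -> text content; hashes: binary path -> sha256 hex digest."""
    findings: List[Finding] = []
    for path, text in sorted(files.items()):
        mechanism = classify(path)
        if mechanism is None:
            continue
        for line in text.splitlines():
            stripped = line.strip()
            if not stripped or stripped.startswith("#"):  # skip blanks and comments
                continue
            if KAIJI_C2_IP in stripped:
                findings.append((mechanism, path, "references the Kaiji C2 address", stripped))
            for exe in ABS_PATH.findall(stripped):
                reasons = suspicious_reasons(exe, hashes)
                if reasons:
                    findings.append((mechanism, path, f"{exe}: " + "; ".join(reasons), stripped))
    return findings


# Constructed sample inputs (not from the sandbox run): a benign and a suspicious
# entry per mechanism, plus a non-persistence file that must be ignored.
SAMPLE_FILES = {
    "/etc/crontab": ("SHELL=/bin/sh\n"
                     "17 * * * * root cd / && run-parts --report /etc/cron.hourly\n"
                     "* * * * * root /usr/bin/.kworker >/dev/null 2>&1\n"),
    "/etc/systemd/system/linux.service": ("[Unit]\nDescription=linux\n[Service]\n"
                                          "ExecStart=/usr/bin/linux_amd64\nRestart=always\n"
                                          "[Install]\nWantedBy=multi-user.target\n"),
    "/etc/init.d/ssh": "#!/bin/sh\n### BEGIN INIT INFO\n# Provides: sshd\n### END INIT INFO\nexec /usr/sbin/sshd\n",
    "/root/.bashrc": "alias ll='ls -l'\n/tmp/.x/update >/dev/null 2>&1 &\n",
    "/etc/hosts": f"127.0.0.1 localhost\n{KAIJI_C2_IP} update.example\n",
}
SAMPLE_HASHES = {
    "/usr/bin/linux_amd64": KAIJI_SHA256,  # hypothetical: the dropped payload copied here
    "/usr/sbin/sshd": "0" * 64,            # stand-in digest for a legitimate binary
}


def sha256_of(path: str) -> Optional[str]:
    try:
        with open(path, "rb") as fh:
            return hashlib.sha256(fh.read()).hexdigest()
    except OSError:
        return None


def scan_live_host() -> List[Finding]:
    """Read the real persistence files, hash every binary they reference, then scan."""
    import glob
    roots = list(CRON_DIRS + SYSTEMD_DIRS + INITD_DIRS + BASH_FILES) + ["/etc/profile.d"]
    roots += [os.path.join(h, b) for h in ["/root"] + glob.glob("/home/*") for b in BASH_BASENAMES]
    files: Dict[str, str] = {}
    for root in roots:
        paths = [root] if os.path.isfile(root) else [os.path.join(d, f) for d, _, fs in os.walk(root) for f in fs]
        for p in paths:
            try:
                with open(p, errors="replace") as fh:
                    files[p] = fh.read()
            except OSError:
                continue
    hashes: Dict[str, str] = {}
    for exe in {e for t in files.values() for e in ABS_PATH.findall(t)}:
        digest = sha256_of(exe)
        if digest:
            hashes[exe] = digest
    return scan(files, hashes)


if __name__ == "__main__":
    for mechanism, path, reason, line in scan(SAMPLE_FILES, SAMPLE_HASHES):
        print(f"[{mechanism}] {path}: {reason}\n    {line}")
```

Run as-is it reports three constructed hits (a hidden cron binary, a systemd unit whose ExecStart hashes to the IOC, and a .bashrc launching from /tmp) and stays silent on the legitimate init.d and /etc/hosts lines; call scan_live_host() as root to apply the same rules to a real machine. Hash matching only catches this exact build, so the path heuristics are what carry the hunt against recompiled variants.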
