kaiten | d6f7fa3acf502d0b6e11197d80d305748999225be6f4eaf28e05a7c94facd432 | Triage

Submit
Reports

Overview

overview

Static

static

5

pty

debian-12-armhf

pty

ubuntu-18.04-amd64

Resubmissions

12/02/2025, 23:17

250212-291easzkdq 10

Sharing

General

Target

pty
Size

43KB
Sample

250212-291easzkdq
MD5

f92f2b6c2e7a924d864906b702f8ee88
SHA1

4f93d33a4da9c35c44fbdab3e819ca10f42ee3d3
SHA256

d6f7fa3acf502d0b6e11197d80d305748999225be6f4eaf28e05a7c94facd432
SHA512

91b20febb2c83ca0be99abf6aae58f0415005e22a3e93247fc7711b900bea6d2380f7c10000f3c8d22e46302acae8af99454b9e873658ace12494efeb043f721
SSDEEP

768:AStrEaF1mquHO0PPCIh+cgTi/7Qv6CKnbcuyD7UYctikLZDg:AQEERt0n6cgTi/7Qv6dnouy8YctikLG

Score

10^/10

kaiten botnet discovery linux upx

Static task

static1

1 signatures

Behavioral task

behavioral1

Sample

pty

Resource

debian12-armhf-20240729-en

debian-12-armhf

0 signatures

300 seconds

Behavioral task

behavioral2

Sample

pty

Resource

ubuntu1804-amd64-20240611-en

kaiten botnet discovery

ubuntu-18.04-amd64

4 signatures

300 seconds

Malware Config

Targets

- Target
  
  pty
- Size
  
  43KB
- MD5
  
  f92f2b6c2e7a924d864906b702f8ee88
- SHA1
  
  4f93d33a4da9c35c44fbdab3e819ca10f42ee3d3
- SHA256
  
  d6f7fa3acf502d0b6e11197d80d305748999225be6f4eaf28e05a7c94facd432
- SHA512
  
  91b20febb2c83ca0be99abf6aae58f0415005e22a3e93247fc7711b900bea6d2380f7c10000f3c8d22e46302acae8af99454b9e873658ace12494efeb043f721
- SSDEEP
  
  768:AStrEaF1mquHO0PPCIh+cgTi/7Qv6CKnbcuyD7UYctikLZDg:AQEERt0n6cgTi/7Qv6dnouy8YctikLG
Score

10^/10

kaiten botnet discovery
- Detects Kaiten/Tsunami Payload
- Kaiten family
  kaiten
- Kaiten/Tsunami
  Linux-based IoT botnet which is controlled through IRC and normally used to carry out DDoS attacks.
  botnet kaiten
behavioral1 behavioral2

MITRE ATT&CK Matrix

Tasks

static1

behavioral1

behavioral2

kaitenbotnetdiscovery

© 2018-2025

Terms | Privacy