Extracted

• • Target

    d33d8e661e9117698f00b1635c7e42171ae5a2738ee40fb4cae28cdfed7e3447.elf

  • Size

    5.2MB

  • MD5

    dabf6b48ef6b1e2583a8162b903d6264

  • SHA1

    42afd0b2022cfc5288b311336f29bed03302ee9b

  • SHA256

    d33d8e661e9117698f00b1635c7e42171ae5a2738ee40fb4cae28cdfed7e3447

  • SHA512

    b447b36497d491058970c8c6f3e1b81b516a8d7a99a9ae31c53289fa5b27619bdb14b454f31650db9abf486ca28b98a10f7dc50df08598733676bdc2cb9e9229

  • SSDEEP

    49152:7Xa6xzZWhrb/T4vO90dL3BmAFd4A64nsfJPJ6TdXnT9aqeJaz2xNkapDnYRQoj1+:b2ONLBzSxtSTIElHz

  Score

  10^/10

  kaijidefense_evasiondiscoveryexecutionpersistenceprivilege_escalation

  • Kaiji

    Kaiji payload

  • Kaiji family

    kaiji

  • kaiji_chaosbot

    Chaos-variant payload

  • Executes dropped EXE

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    executionpersistenceprivilege_escalation

  • Creates/modifies environment variables

    Creating/modifying environment variables is a common persistence mechanism.

    persistenceprivilege_escalationdefense_evasion

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Modifies init.d

    Adds/modifies system service, likely for persistence.

    persistence

  • Modifies systemd

    Adds/ modifies systemd service files. Likely to achieve persistence.

    persistenceprivilege_escalation

  • Write file to user bin folder

    persistence

  • Modifies Bash startup script

    persistence
  behavioral1