Extracted

• • Target

    e8361def9aa8d9f49d44a637431da0237cbdbc0b0993293b22d6c4f8d832a4ef.elf

  • Size

    5.1MB

  • MD5

    f648315e395a757a8d0caefb442a3f33

  • SHA1

    b49ca10b115b41f4e7360a57658a05cb5b130e2e

  • SHA256

    e8361def9aa8d9f49d44a637431da0237cbdbc0b0993293b22d6c4f8d832a4ef

  • SHA512

    5aafc3c9f1f59be8aab2ed16ab64dff77df92deee14675aadf6faf69883115f13f244ec7335a64e83b9a6f1d752e55b4d93f2ec9a33944a1a788f63ec3ddfdd4

  • SSDEEP

    49152:QtKY0CdO+kBRx0Tg0qTecEG7meYuhN+lYfQMcU1F1:OKY3U+qRxQ3qKDM

  Score

  10^/10

  kaijidefense_evasiondiscoveryexecutionpersistenceprivilege_escalation

  • Kaiji

    Kaiji payload

  • Kaiji family

    kaiji

  • kaiji_chaosbot

    Chaos-variant payload

  • Executes dropped EXE

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    executionpersistenceprivilege_escalation

  • Creates/modifies environment variables

    Creating/modifying environment variables is a common persistence mechanism.

    persistenceprivilege_escalationdefense_evasion

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Modifies init.d

    Adds/modifies system service, likely for persistence.

    persistence

  • Write file to user bin folder

    persistence

  • Modifies Bash startup script

    persistence
  behavioral1