Extracted

• • Target

    eab59707129d9936ffae7fd81bbd121712f8d129380cf918a9cefccdcb6e2308.elf

  • Size

    5.1MB

  • MD5

    af449b95e6d8acf8ba2ccd349c0da135

  • SHA1

    2ed2e31fd8fe3f537ed824d4c4aaa4a58ba39555

  • SHA256

    eab59707129d9936ffae7fd81bbd121712f8d129380cf918a9cefccdcb6e2308

  • SHA512

    2c33f4a2aecec1ed2d7e18909cb54b3cc421354def7869355ef155be13ca000994ed75eb50437d3f184345c83977019d1ad60b7fc97a6db88834eae5d5af34e9

  • SSDEEP

    98304:8cSBHdgN2a7JP97kJru8cYWPAXqEu+60:8cS03su+6

  Score

  10^/10

  kaijidefense_evasiondiscoveryexecutionpersistenceprivilege_escalation

  • Kaiji

    Kaiji payload

  • Kaiji family

    kaiji

  • kaiji_chaosbot

    Chaos-variant payload

  • Executes dropped EXE

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Creates/modifies Cron job

    Cron allows running tasks on a schedule, and is commonly used for malware persistence.

    executionpersistenceprivilege_escalation

  • Creates/modifies environment variables

    Creating/modifying environment variables is a common persistence mechanism.

    persistenceprivilege_escalationdefense_evasion

  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Modifies init.d

    Adds/modifies system service, likely for persistence.

    persistence

  • Write file to user bin folder

    persistence

  • Modifies Bash startup script

    persistence
  behavioral1