kaiji | b5f5065ba08fe289093ad7869e007bd1f6fc9146181281d5159f1a44920d605c | Triage

Sharing

General

Target

b22e1d8a5e844ba5c022214236d79149cfd31bba16505689b980613ea6e211ad.zip
Size

2.0MB
Sample

250224-pc6tla1qt8
MD5

fcc9cd003ec9e71ec8552216ede8b4b2
SHA1

c9bce0bd2309151e66fe63040a1721544ca8b540
SHA256

b5f5065ba08fe289093ad7869e007bd1f6fc9146181281d5159f1a44920d605c
SHA512

10ff7c7159dc1c044f39964727be0dc6c2045582dfe925025c4ae55a2aa011abd6d99292f22f713c1252dba3f7273639f18c2eff4cdfda7674e9b06585ba4923
SSDEEP

49152:UnHwcqBy1bBABafOPVJsV6kkoIcFoC9qcyS8QBT5:qHxqBy1bB+a2PVJjkEKdZyJQ15

Score

10^/10

kaiji discovery execution persistence privilege_escalation

Malware Config

Targets

- Target
  
  b22e1d8a5e844ba5c022214236d79149cfd31bba16505689b980613ea6e211ad.elf
- Size
  
  5.6MB
- MD5
  
  01fa4eba1eea6b33d1da3656a3867a8e
- SHA1
  
  d3cf7247e42670b1aaa12719386bb682beff71fd
- SHA256
  
  b22e1d8a5e844ba5c022214236d79149cfd31bba16505689b980613ea6e211ad
- SHA512
  
  16fb77636eb901d49883dbc5101aa7e2e4ed40fb0862518b55c2e617181e19558c96291522a532fada3d988964f355d109d0631ae421548acd3d2eca9ba01019
- SSDEEP
  
  49152:XW2ikDKMeT6zSjTmB+dGpawj/mNGZWtaan757Hhu/BQ37gMKUF+LEMpWXDDwG7bK:GT+L6zdDk
Score

10^/10

kaiji discovery execution persistence privilege_escalation
- Kaiji
  Kaiji payload
- Kaiji family
  kaiji
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalation
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Command and Scripting Interpreter

Unix Shell

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kaijidiscoveryexecutionpersistenceprivilege_escalation