kaiji | 1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb | Triage

Submit
Reports

Overview

overview

Static

static

1ab8a8d49e...fb.elf

debian-9-mipsel

Sharing

General

Target

1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb.elf
Size

5.6MB
Sample

250321-cp69ns1zgt
MD5

1bc524efea7982b3b6c8fca7c30286ec
SHA1

83021a81635d966164f19c8bfad1aeafd22f406b
SHA256

1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb
SHA512

4f5dd02820a316ab77dfb69d42265d4398af846f9b59c64e46de57c9bf05fd8a94208027008e1367641d052321de17c8e6874c722f24aa0e5db84443cd35fe4f
SSDEEP

49152:+RxVVRFMTwGupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:

Score

10^/10

kaiji discovery execution persistence privilege_escalation

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb.elf

Resource

debian9-mipsel-20240226-en

kaiji discovery execution persistence privilege_escalation

debian-9-mipsel

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb.elf
- Size
  
  5.6MB
- MD5
  
  1bc524efea7982b3b6c8fca7c30286ec
- SHA1
  
  83021a81635d966164f19c8bfad1aeafd22f406b
- SHA256
  
  1ab8a8d49e1854d00ab7b67267eb40c4f96bfbfb5dd80dbed89c0fea0cd226fb
- SHA512
  
  4f5dd02820a316ab77dfb69d42265d4398af846f9b59c64e46de57c9bf05fd8a94208027008e1367641d052321de17c8e6874c722f24aa0e5db84443cd35fe4f
- SSDEEP
  
  49152:+RxVVRFMTwGupkYzfgh7rxQ2USaU85Jbq1rQcR6VYv0VF1:
Score

10^/10

kaiji discovery execution persistence privilege_escalation
- Kaiji
  Kaiji payload
- Kaiji family
  kaiji
- kaiji_chaosbot
  Chaos-variant payload
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalation
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kaijidiscoveryexecutionpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy