kaiji | c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f | Triage

Submit
Reports

Overview

overview

Static

static

c858f4e0ba...1f.elf

debian-9-mips

Sharing

General

Target

c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f.elf
Size

5.6MB
Sample

250321-erxt5as1ey
MD5

fbf096212c93ddffb456ab302df8e786
SHA1

2b56a586a7f0596121c70cbb413ea9011f318f88
SHA256

c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f
SHA512

bb9c41b580f886806e642e4633e7b357717a8960148c3be9fc87ab08e6a2f8f778402235d01032bc9d64ffbc7a9c32a7ea7c6d34fb0e9d574f81acf569b52bee
SSDEEP

49152:L3qbSw1zUu72RTScFnsKbyRHzPDPs4coYtJkEk2wBIxWyDp/9zUH+zOuUx83ZIqG:jqO0o2jgDQ

Score

10^/10

kaiji discovery execution persistence privilege_escalation

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f.elf

Resource

debian9-mipsbe-20240611-en

kaiji discovery execution persistence privilege_escalation

debian-9-mips

11 signatures

150 seconds

Malware Config

Targets

- Target
  
  c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f.elf
- Size
  
  5.6MB
- MD5
  
  fbf096212c93ddffb456ab302df8e786
- SHA1
  
  2b56a586a7f0596121c70cbb413ea9011f318f88
- SHA256
  
  c858f4e0ba6e6af00db0fdff7ddbf58a27d1c1ec57896367e52a1d0b5f09191f
- SHA512
  
  bb9c41b580f886806e642e4633e7b357717a8960148c3be9fc87ab08e6a2f8f778402235d01032bc9d64ffbc7a9c32a7ea7c6d34fb0e9d574f81acf569b52bee
- SSDEEP
  
  49152:L3qbSw1zUu72RTScFnsKbyRHzPDPs4coYtJkEk2wBIxWyDp/9zUH+zOuUx83ZIqG:jqO0o2jgDQ
Score

10^/10

kaiji discovery execution persistence privilege_escalation
- Kaiji
  Kaiji payload
- Kaiji family
  kaiji
- kaiji_chaosbot
  Chaos-variant payload
- Executes dropped EXE
- Creates/modifies Cron job
  Cron allows running tasks on a schedule, and is commonly used for malware persistence.
  execution persistence privilege_escalation
- Enumerates running processes
  Discovers information about currently running processes on the system
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Scheduled Task/Job

Cron

Persistence

Scheduled Task/Job

Cron

Privilege Escalation

Scheduled Task/Job

Cron

Defense Evasion

Credential Access

Discovery

System Information Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

kaijidiscoveryexecutionpersistenceprivilege_escalation

© 2018-2025

Terms | Privacy