General
-
Target
linux_386.elf
-
Size
5.0MB
-
Sample
250419-xnq7aas1gt
-
MD5
d21d21cb8de14e90f180b9c1f79276b3
-
SHA1
b83ccf62b44343b28181924e5047fb034421e124
-
SHA256
71ccac9d63fd1c2799963f5e5d87ee62f0c306741ae796dc4ea3777bdb0e8f09
-
SHA512
5ba5ea34dbe8d8bf62a64640e86c449aa07153c5c4aac88a01db879829feb28f312cb5ad2869d3a0e3679c8159ebddbe7c863b439e4593a13960a1dcfcc00b3c
-
SSDEEP
49152:uwybthh2kkjvF77Rn2o03wiEh4hgzRqtN9Tu+H+XfylvVt96CuajJpmhW16kDvrf:uwyRh7kzFkgzausxdaHY4A
Behavioral task
behavioral1
Sample
linux_386.elf
Resource
ubuntu1804-amd64-20250410-en
Malware Config
Extracted
kaiji
2.59.151.111:8080
Targets
-
-
Target
linux_386.elf
-
Size
5.0MB
-
MD5
d21d21cb8de14e90f180b9c1f79276b3
-
SHA1
b83ccf62b44343b28181924e5047fb034421e124
-
SHA256
71ccac9d63fd1c2799963f5e5d87ee62f0c306741ae796dc4ea3777bdb0e8f09
-
SHA512
5ba5ea34dbe8d8bf62a64640e86c449aa07153c5c4aac88a01db879829feb28f312cb5ad2869d3a0e3679c8159ebddbe7c863b439e4593a13960a1dcfcc00b3c
-
SSDEEP
49152:uwybthh2kkjvF77Rn2o03wiEh4hgzRqtN9Tu+H+XfylvVt96CuajJpmhW16kDvrf:uwyRh7kzFkgzausxdaHY4A
-
Kaiji
Kaiji payload
-
Kaiji family
-
kaiji_chaosbot
Chaos-variant payload
-
Executes dropped EXE
-
Modifies Watchdog functionality
Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
-
Creates/modifies Cron job
Cron allows running tasks on a schedule, and is commonly used for malware persistence.
-
Creates/modifies environment variables
Creating/modifying environment variables is a common persistence mechanism.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Write file to user bin folder
-
Modifies Bash startup script
-
MITRE ATT&CK Enterprise v16
Persistence
Boot or Logon Autostart Execution
2Boot or Logon Initialization Scripts
1RC Scripts
1Event Triggered Execution
1Unix Shell Configuration Modification
1Hijack Execution Flow
1Path Interception by PATH Environment Variable
1Scheduled Task/Job
1Cron
1Privilege Escalation
Boot or Logon Autostart Execution
2Boot or Logon Initialization Scripts
1RC Scripts
1Event Triggered Execution
1Unix Shell Configuration Modification
1Hijack Execution Flow
1Path Interception by PATH Environment Variable
1Scheduled Task/Job
1Cron
1