Chaos is a Go-based Swiss army knife of malware - Lumen
Tags
country: Australia China New Zealand
attack-pattern: Data Direct Model Botnet - T1583.005 Botnet - T1584.005 Domains - T1583.001 Domains - T1584.001 Ip Addresses - T1590.005 Malware - T1587.001 Malware - T1588.001 Private Keys - T1552.004 Server - T1583.004 Server - T1584.004 Software - T1592.002 Ssh - T1021.004 Vulnerabilities - T1588.006 Brute Force - T1110 Private Keys - T1145
Show in Graph
Common Information
Type Value
UUID 3a8ab247-2b1e-4cd5-8bb0-0bec11433ddd
Fingerprint b534895b016722a0
Analysis status DONE
Considered CTI value 0
Text language
Published Sept. 28, 2022, 1:30 p.m.
Added to db Jan. 18, 2023, 8:33 p.m.
Last updated Nov. 17, 2024, 5:56 p.m.
Headline Chaos is a Go-based Swiss army knife of malware
Title Chaos is a Go-based Swiss army knife of malware - Lumen
Detected Hints/Tags/Attributes 101/2/11
Source URLs
Redirection Url
Details Source https://blog.lumen.com/chaos-is-a-go-based-swiss-army-knife-of-malware/
Details Source https://blog.lumen.com/chaos-is-a-go-based-swiss-army-knife-of-malware/?utm_source=press+release&utm_medium=referral
URL Provider
Details Provider Source level domain
Details lumen.com blog.lumen.com
Attributes
Details Type #Events CTI Value
Details CVE 72 
cve-2017-17215
Details CVE 15 
cve-2022-30525
Details Domain 4 
download.sh
Details Domain 2 
id.services
Details File 165 
csrss.exe
Details File 58 
password.txt
Details File 2 
cve.txt
Details File 10 
download.txt
Details File 99 
passwords.txt
Details Url 1 
http://ip:port/passwords.txt
Details Windows Registry Key 47 
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run