General
-
Target
na.elf
-
Size
418KB
-
Sample
250221-d1dl6s1qcv
-
MD5
c925d1ffdb3eb8a5231cd125bb26cc3b
-
SHA1
547e54a122ff089e0d172cddfc1d18a3e87e7ab4
-
SHA256
13ad819448e3bb7477f5d0191fe7322927a5396ae2ed21faa43e4a2b84e3a449
-
SHA512
15322140eaa35027388a41239263e122d19d66ad3f7164e7ccda73cd06cdc48f057d6a6ba90803c20f47f3363cfc6e485325ef789432dc115d4a74b73dc55c21
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSR:W4/y+qaBUZJAdVtd
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu2404-amd64-20240729-en
Malware Config
Targets
-
Target
na.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)