General
-
Target
na.elf
-
Size
418KB
-
Sample
250221-dmyees1mfw
-
MD5
387e1a014557790cc7c44dc59c48b8c6
-
SHA1
0de682082777e795545bb123dd0a748c6d665145
-
SHA256
5f4d6d34ea5164b8e1c375dd3a7b1a909ba0c07f8abdaed4fc10382d68b7cde8
-
SHA512
c2268518f7a2704b3d984c244d01abd7228b31cc91d427600b237f18c27b41ff10f375e48a1195a0bd79c47943ce5d65032f42f2aed19fe89d9324fa32bb6cee
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeS0:W4/y+qaBUZJAdVtQ
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu1804-amd64-20240508-en
Malware Config
Targets
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)