General
-
Target
af14830b73a61b22c3cfaec4ea019a949459ff74fcc5ab2806d59275a23633d1.elf
-
Size
418KB
-
Sample
250221-efty4askby
-
MD5
a7a2779ba6cd2b7d806665baec7cbb71
-
SHA1
c6ef05b2826632e9fc4348bba103f2b4a03bbf64
-
SHA256
af14830b73a61b22c3cfaec4ea019a949459ff74fcc5ab2806d59275a23633d1
-
SHA512
bf02ccb5ce59572dd6a8891157e8a0f72d5f5e4bf3ee32a304292a6a42c2b0d3f51c925f0e2e027972c0c46c77e670d6692142ffdbfab35b1e42f55bad22625c
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSD:W4/y+qaBUZJAdVtX
Behavioral task
behavioral1
Sample
af14830b73a61b22c3cfaec4ea019a949459ff74fcc5ab2806d59275a23633d1.elf
Resource
ubuntu2004-amd64-20240508-en
Malware Config
Targets
-
Target
af14830b73a61b22c3cfaec4ea019a949459ff74fcc5ab2806d59275a23633d1.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Reads EFI boot settings
Reads EFI boot settings from the efivars filesystem, which may contain security secrets or sensitive data.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)
Pre-OS Boot (1)
Bootkit (1)