General
-
Target
dff1e680c8e724d5bf9dd2428984235ea8de07dbfd3d93f930b0193ce4c84b91.elf
-
Size
418KB
-
Sample
250221-ew2nwatjal
-
MD5
aab28a42c3ae158c9f395636f6212cb1
-
SHA1
0bdc3c9ebda9dff8214a541ce1d5acccd8a982b4
-
SHA256
dff1e680c8e724d5bf9dd2428984235ea8de07dbfd3d93f930b0193ce4c84b91
-
SHA512
61a7d5cd0e02df37142fc1aa9e7dc2ad3ef32548288c20de05692c4a66f9edc0a56c75e7d84c265228182a24a14958da144cc1fb2dc0782641e86503092106c0
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSN:W4/y+qaBUZJAdVtZ
Behavioral task
behavioral1
Sample
dff1e680c8e724d5bf9dd2428984235ea8de07dbfd3d93f930b0193ce4c84b91.elf
Resource
ubuntu2004-amd64-20241127-en
Malware Config
Targets
-
-
Target
dff1e680c8e724d5bf9dd2428984235ea8de07dbfd3d93f930b0193ce4c84b91.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Reads EFI boot settings
Reads EFI boot settings from the efivars filesystem, may contain security secrets or sensitive data.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)
Pre-OS Boot (1)
Bootkit (1)