General
-
Target
e23128f2381bf961a270b912224c7131b79e679fed83fe6814e49da3c0af3989.elf
-
Size
418KB
-
Sample
250221-exfg2asnev
-
MD5
b0535db675e5a6dabecd522acbfa3e52
-
SHA1
1cf6f9621967e0195bd14212c65393aec51c8dae
-
SHA256
e23128f2381bf961a270b912224c7131b79e679fed83fe6814e49da3c0af3989
-
SHA512
5e8783a51c1e416d8a39ff81f86becaa0202aeeaa16ae72767228ba11dfbf957e0f0bb437d3cebe370848a397fdda8eab0781a28c1282c2ddd78c5c38e5f408b
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSo:W4/y+qaBUZJAdVtc
Behavioral task
behavioral1
Sample
e23128f2381bf961a270b912224c7131b79e679fed83fe6814e49da3c0af3989.elf
Resource
ubuntu1804-amd64-20240611-en
Malware Config
Targets
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds or modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)