General
Target: eb95eb2b593163b388fb3d9bcb33e82e233a1bf873bca945b7e5c2b64977a922.elf
Size: 418KB
Sample: 250221-ezf7cavlz6
MD5: 817c605e1653237ca58dd5ef2a55166f
SHA1: cc02004c8d579280d3278a7bae735978c9016d28
SHA256: eb95eb2b593163b388fb3d9bcb33e82e233a1bf873bca945b7e5c2b64977a922
SHA512: e159faaffee8e5f3c0c6268c411988b5c312605ee304a6648368e6192740ea5322840fab8e066f0b64d8cc59074cafe7734ee8102d95ed6b8eadae4ae87cbfcd
SSDEEP: 12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSz:W4/y+qaBUZJAdVtH
Behavioral task: behavioral1
Sample: eb95eb2b593163b388fb3d9bcb33e82e233a1bf873bca945b7e5c2b64977a922.elf
Resource: ubuntu2204-amd64-20240522.1-en
Malware Config
Targets
Target: eb95eb2b593163b388fb3d9bcb33e82e233a1bf873bca945b7e5c2b64977a922.elf
Prometei_elf family
Deletes itself
Modifies hosts file: Adds to the hosts file used for mapping hosts to IP addresses.
Enumerates running processes: Discovers information about currently running processes on the system.
Modifies systemd: Adds/modifies systemd service files. Likely to achieve persistence.
Write file to user bin folder
MITRE ATT&CK Enterprise v15
Persistence
  Boot or Logon Autostart Execution (1)
    XDG Autostart Entries (1)
  Create or Modify System Process (1)
    Systemd Service (1)