General

Target: na.elf
Size: 418KB
Sample: 250221-f8xfcswnv3
MD5: b1a38abe3d183881e49bc06a285851ca
SHA1: 5ea0113f5695d22681c655d4fa0971819a373476
SHA256: 078f0221efc090f62048cdae8b4000bbd3898fbeff37784494a2773c5f2cda73
SHA512: 7c34f4e613eaeb5e4dd4017533ca96ef8045f75fc6d3426f0436cea1564eb639e5bde43923e5eabd73ccb909009975868d4ab2206121c5530194086644bf355d
SSDEEP: 12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSy:W4/y+qaBUZJAdVt+

Behavioral task: behavioral1
Sample: na.elf
Resource: ubuntu2404-amd64-20240523-en

Malware Config
Targets
Target
na.elf

Prometei_elf family

Deletes itself

Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.

Enumerates running processes
Discovers information about currently running processes on the system.

Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.

Write file to user bin folder

MITRE ATT&CK Enterprise v15

Persistence
Boot or Logon Autostart Execution: 1
  XDG Autostart Entries: 1
Create or Modify System Process: 1
  Systemd Service: 1