General
Target: na.elf
Size: 418KB
Sample: 250221-jdn3aawrgq
MD5: 61da5878b52c13cc86e54ceae9ad9875
SHA1: dd2bd132248c312a1071d70c94281f801b7989f7
SHA256: 4cdb122fd10f0b1c35eb8a1dbd4c93d7955e0e17821d34a5c98c63a4732ff8d0
SHA512: d72421109ca9a8bf6d0f491673a1798ba034713a035d4df5131d42b1b1033e9c7e8e66b20e09b06f0dc8b022e48bb69e63c8190512c105a0537c65980642fb09
SSDEEP: 12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeS/:W4/y+qaBUZJAdVtz
Behavioral task: behavioral1
Sample: na.elf
Resource: ubuntu2204-amd64-20240611-en
Malware Config
Targets
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds or modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1