General
-
Target
na.elf
-
Size
418KB
-
Sample
250221-jq18daynx3
-
MD5
50924ddd9bfd1b1483493dff1780b693
-
SHA1
54cd4c4df91362437ef5b81dbf09b567c1de7674
-
SHA256
b20e79e3d0b0b7e33f9e7789bd2c93643baa8f17d76ed94d3acbffb6f6b7ec57
-
SHA512
cd841a8d6fd1f2fe7ef1e1c5c11a8df788ae7125df3e8021994c4b0680bbe2b57413c7a4cce9ca2f062be17edc3e8c5d86bbe3d22185705d0ab457dac1b52042
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeS/:W4/y+qaBUZJAdVtL
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu1804-amd64-20240729-en
Malware Config
Targets
-
Target
na.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1