General
-
Target
d6336a54ed4c5e9e77b0d04613ea98ca26c3993a1f00c278bed8c05479aa5c8c.elf
-
Size
418KB
-
Sample
250222-g4pqds1qz5
-
MD5
5520e36e448d636cad43108f7ceab7ba
-
SHA1
3467210188f8caa092d82abfb8bdf3b96e41d566
-
SHA256
d6336a54ed4c5e9e77b0d04613ea98ca26c3993a1f00c278bed8c05479aa5c8c
-
SHA512
0c567c13eb57121eeff555fae15fe41402deebae1386655f7bcd6c9c25c25e075b3b95c10be76402a8bd66b2a3f113484b727feb14ca48feee05b9d11cb142f1
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSC:W4/y+qaBUZJAdVtu
Behavioral task
behavioral1
Sample
d6336a54ed4c5e9e77b0d04613ea98ca26c3993a1f00c278bed8c05479aa5c8c.elf
Resource
ubuntu2004-amd64-20240611-en
Malware Config
Targets
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Reads EFI boot settings
Reads EFI boot settings from the efivars filesystem, which may contain security secrets or sensitive data.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1
Pre-OS Boot: 1
Bootkit: 1