General
-
Target
na.elf
-
Size
418KB
-
Sample
250222-h9p4sasqv9
-
MD5
eb75325250dedbdfeda48ba61e8a2ff6
-
SHA1
09ca7bc90514815f994e25bac54def3d24dce08b
-
SHA256
560a96ce115e4f9042c6791d61e60288efc70881eeb4370786eeddd4cd55c4d0
-
SHA512
1938f8a3b7c9587f3be52d6fc8c7766a7f109d05dc1fb8adbcb3bf9746774a6631906c77082a071e0ae39b970def7172d7f034cd2a3c7e3eed4d8780e0ef7e22
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeS+:W4/y+qaBUZJAdVti
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu2404-amd64-20240729-en
Malware Config
Targets
-
Target
na.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution (1)
XDG Autostart Entries (1)
Create or Modify System Process (1)
Systemd Service (1)