General
-
Target
na.elf
-
Size
418KB
-
Sample
250222-qwwy6sypy5
-
MD5
1a603586fb977ab06534e09867053a90
-
SHA1
4fb82079fc11f59859dfe2137ab053f5efcdde74
-
SHA256
d3177e9a241a632ba753b2e073af74169275ae64b8a1a256a7b8976de853396e
-
SHA512
474b96a510c60c405d28ee7449e3111ded252955a09f49a653dceb9664433110864e8bc1a185fe1a81a27acd73c08a927e6039cbd32e84b00d17528f18413bd2
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSc:W4/y+qaBUZJAdVtw
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu2204-amd64-20240729-en
Malware Config
Targets
-
-
Target
na.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds or modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1