General
-
Target
na.elf
-
Size
418KB
-
Sample
250222-t7q4vatqgk
-
MD5
f84bb9ca7f8e98f6284b191038b774d7
-
SHA1
b119f043fe0f1fa97e8a034f5a528156b673fd4e
-
SHA256
b34f5183af67fe92e82bbc05290b688cdd4524d2bdd3d2a22694f66a9d50513e
-
SHA512
666e9cb1d62d792b225017327873d2f3114240d2ab88a96573099961acd6bf66d335bffadae04ae513f360ee37a876dd89205ad75df7b44bd8d414e4d446cd03
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSN:W4/y+qaBUZJAdVtJ
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Targets
-
-
Target
na.elf
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system.
-
Modifies systemd
Adds/modifies systemd service files, likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution 1
XDG Autostart Entries 1
Create or Modify System Process 1
Systemd Service 1