General
-
Target
na.elf
-
Size
418KB
-
Sample
250222-vj468swlw2
-
MD5
1bacfa9a041ce3de0b49d334aaea9bea
-
SHA1
5e7a9ca5aedb5b0c76c0318bc0bdf2e57dcc20f8
-
SHA256
cb8562a2180f49c5ef3860831297cb48f803bcdf224bf14ada7a7263b4be4623
-
SHA512
d637ada1e0d798f198413af61b4255c86b291d9404ce2e2eda25e56ca8c7d376dcbc78a807f99a01d25c94a62f26dd067286b66a34ca3904f21eb7e48b874d38
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSv:W4/y+qaBUZJAdVtT
Behavioral task
behavioral1
Sample
na.elf
Resource
ubuntu2404-amd64-20240523-en
Malware Config
Targets
-
-
Target
na.elf
-
Size
418KB
-
MD5
1bacfa9a041ce3de0b49d334aaea9bea
-
SHA1
5e7a9ca5aedb5b0c76c0318bc0bdf2e57dcc20f8
-
SHA256
cb8562a2180f49c5ef3860831297cb48f803bcdf224bf14ada7a7263b4be4623
-
SHA512
d637ada1e0d798f198413af61b4255c86b291d9404ce2e2eda25e56ca8c7d376dcbc78a807f99a01d25c94a62f26dd067286b66a34ca3904f21eb7e48b874d38
-
SSDEEP
12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSv:W4/y+qaBUZJAdVtT
-
Prometei_elf family
-
Deletes itself
-
Modifies hosts file
Adds to hosts file used for mapping hosts to IP addresses.
-
Enumerates running processes
Discovers information about currently running processes on the system
-
Modifies systemd
Adds/ modifies systemd service files. Likely to achieve persistence.
-
Write file to user bin folder
-
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution
1XDG Autostart Entries
1Create or Modify System Process
1Systemd Service
1