General
Target: na.elf
Size: 418KB
Sample: 250223-an74gaske1
MD5: 8f1370d269e23308251b79d6952aaeee
SHA1: 6f2348f4c83eaac5d44497ee83524470adab31e9
SHA256: 2beeb75c0973fb533987b53d914dc75426bac28ff49cb4b3746d10304fb6e3c1
SHA512: ec58f4a539bd907a064c3e8be0eb4df038e435e8e20da96ec94581592227cb2e3684b40129d6d1ac1e096dd6452c39dffb4b270913e7d46bb66f1ae42e822874
SSDEEP: 12288:6QIkwT+V+46MTuxN+qpMBUH5kAAxwWVtBeSL:W4/y+qaBUZJAdVt3
Behavioral task: behavioral1
Sample: na.elf
Resource: ubuntu2204-amd64-20240611-en
Malware Config
Targets
Target: na.elf
Prometei_elf family
Deletes itself
Modifies hosts file: Adds to hosts file used for mapping hosts to IP addresses.
Enumerates running processes: Discovers information about currently running processes on the system.
Modifies systemd: Adds/modifies systemd service files. Likely to achieve persistence.
Write file to user bin folder
MITRE ATT&CK Enterprise v15
Persistence
Boot or Logon Autostart Execution: 1
XDG Autostart Entries: 1
Create or Modify System Process: 1
Systemd Service: 1