Analysis

  • max time kernel
    136s
  • max time network
    144s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64, arch:i386, image:ubuntu2404-amd64-20240523-en, kernel:6.8.0-31-generic, locale:en-us, os:ubuntu-24.04-amd64, system
  • submitted
    19-11-2024 12:36

General

  • Target

    wnbw86.elf

  • Size

    113KB

  • MD5

    3329500212cf488f1cbb93191685ea3d

  • SHA1

    5e314c10cdd9f8760e813e3164b4ccd4b9a8e5e8

  • SHA256

    00a4a41c529729e8d763c186db6faba1750efd1893112b1ac01737b6f1087361

  • SHA512

    dd0757f9b697b7b368abbb887b8507b040815219776c989a1a73eaf8fc4b2dbd2a009c4e3630d5f910615f37c38ee7aab16a2b489510037a7841d92b3ef23980

  • SSDEEP

    3072:4UWRi5paJh1ocp6c2GCtjh4iZvVXLC4Lqbz:4UWk5kJHoGz2ttGMq/

Score
7/10

Malware Config

Signatures

  • Loads a kernel module 5 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/wnbw86.elf
    /tmp/wnbw86.elf
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2441

Network

MITRE ATT&CK Matrix
