Analysis
max time kernel: 136s
max time network: 144s
platform: ubuntu-24.04_amd64
resource: ubuntu2404-amd64-20240523-en
resource tags: arch:amd64 arch:i386 image:ubuntu2404-amd64-20240523-en kernel:6.8.0-31-generic locale:en-us os:ubuntu-24.04-amd64 system
submitted: 19-11-2024 12:36
Behavioral task
behavioral1
Sample
wnbw86.elf
Resource
ubuntu2404-amd64-20240523-en
2 signatures
150 seconds
General
Target: wnbw86.elf
Size: 113KB
MD5: 3329500212cf488f1cbb93191685ea3d
SHA1: 5e314c10cdd9f8760e813e3164b4ccd4b9a8e5e8
SHA256: 00a4a41c529729e8d763c186db6faba1750efd1893112b1ac01737b6f1087361
SHA512: dd0757f9b697b7b368abbb887b8507b040815219776c989a1a73eaf8fc4b2dbd2a009c4e3630d5f910615f37c38ee7aab16a2b489510037a7841d92b3ef23980
SSDEEP: 3072:4UWRi5paJh1ocp6c2GCtjh4iZvVXLC4Lqbz:4UWk5kJHoGz2ttGMq/
Score: 7/10
Malware Config
Signatures
-
Processes:
wnbw86.elf
pid Process
2441 wnbw86.elf
2441 wnbw86.elf
2441 wnbw86.elf
2442 wnbw86.elf
2442 wnbw86.elf
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
wnbw86.elf
description: File opened for modification
ioc: /tmp/httpd
Process: wnbw86.elf