Analysis

  • max time kernel
    132s
  • max time network
    151s
  • platform
    ubuntu-24.04_amd64
  • resource
    ubuntu2404-amd64-20240523-en
  • resource tags

    arch:amd64arch:i386image:ubuntu2404-amd64-20240523-enkernel:6.8.0-31-genericlocale:en-usos:ubuntu-24.04-amd64system
  • submitted
    19-12-2024 18:57

General

  • Target

    wkb86.elf

  • Size

    112KB

  • MD5

    1072a5ef3886aab49430017bc729ac42

  • SHA1

    ae4bb7f373c9dc3c58d09ac5b0dc98a1c3a755d9

  • SHA256

    55d914046133e8e6d2c292c2b9e6b17af60a41357c951c0804adee196194bab5

  • SHA512

    f4b24537f14adbcfd8c4c82f4cd0ad23a56a130ccda564722f779c5c5f8b8e698724ef8672f95ad93b1fe2bb76f47c9d725159eacfb6e60ad5ae9828c8ff8e56

  • SSDEEP

    3072:YkQnlJFSvqXEy3OZGp+yoJgiefbu8xxKwDmqa:YkSJ0Kp3OZ8weCGoUmqa

Score
7/10

Malware Config

Signatures

  • Loads a kernel module 7 IoCs

    Loads a Linux kernel module, potentially to achieve persistence

  • Writes file to tmp directory 1 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/wkb86.elf
    /tmp/wkb86.elf
    1⤵
    • Loads a kernel module
    • Writes file to tmp directory
    PID:2826

Network

MITRE ATT&CK Matrix

Replay Monitor

Loading Replay Monitor...

Downloads