Winnti for Linux (e384e711-0796-4cbc-8854-8c3f939faf57)

Winnti for Linux is a trojan, seen since at least 2015, designed specifically for targeting Linux systems. Reporting indicates the winnti malware family is shared across a number of actors including Winnti Group. The Windows variant is tracked separately under Winnti for Windows.^{[Chronicle Winnti for Linux May 2019]}

Cluster A	Galaxy A	Cluster B	Galaxy B	Level
Winnti for Linux (e384e711-0796-4cbc-8854-8c3f939faf57)	Tidal Software	Earth Lusca (646e35d2-75de-4c1d-8ad3-616d3e155c5e)	Tidal Groups	1
Winnti for Linux (e384e711-0796-4cbc-8854-8c3f939faf57)	Tidal Software	APT41 (502223ee-8947-42f8-a532-a3b3da12b7d9)	Tidal Groups	1