2024-07-02 11:41:17 +00:00
|
|
|
# Sample Information
|
|
|
|
|
|
|
|
<table>
|
|
|
|
<tr>
|
|
|
|
<td><b>VirusTotal Threat Label</b></td>
|
|
|
|
<td><b><span style="color: red">unknown</span></b></td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>md5</b></td>
|
|
|
|
<td>e97790c1200e6d5c8f4eed64f1736a5d</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha1</b></td>
|
|
|
|
<td>8df8579b3303221b0aa9955f0e11ab6d24525a1a</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha256</b></td>
|
|
|
|
<td>e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha512</b></td>
|
|
|
|
<td>0cb76a4ac2c5787282f31bed1a0a2599258d85890d60cc6a1538548f304b56668840295b99d862a721baa3309e7dc3366b2dbd2819ed39900cc2165dc23a7f70</td>
|
|
|
|
</tr>
|
|
|
|
</table>
|
|
|
|
|
|
|
|
**VirusTotal**: https://www.virustotal.com/gui/file/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f
|
|
|
|
|
2024-07-02 14:18:24 +00:00
|
|
|
## Analysis
|
|
|
|
|
|
|
|
![analysis](analysis/sample.svg)
|
|
|
|
|
2024-07-02 11:41:17 +00:00
|
|
|
## Detection Names
|
|
|
|
|
|
|
|
Backdoor.Linux.Ganiw.a
|
|
|
|
Backdoor.Linux.Ganiw.H
|
|
|
|
Backdoor.Linux.Ganiw.H (B)
|
|
|
|
Backdoor/Linux.ii
|
|
|
|
Backdoor:Linux/Setag.A
|
|
|
|
Backdoor.Setag/Linux!1.A3E5 (CLASSIC)
|
|
|
|
Detected
|
|
|
|
Downloader.OpenConnection.JS.100251
|
|
|
|
E32/Setag.B
|
|
|
|
ELF:Elknot-AE [Trj]
|
|
|
|
ELF/Setag.B!tr
|
|
|
|
ELF_SETAG.SM
|
|
|
|
HEUR:Backdoor.Linux.Ganiw.d
|
|
|
|
Legacy.Trojan.Agent-1388639
|
|
|
|
Linux/Agent.A
|
|
|
|
Linux/Backdoor.1135000
|
|
|
|
Linux.BackDoor.Gates.9
|
|
|
|
Linux.BackDoor.Gates.G
|
|
|
|
Linux.Chikdos.B!gen2
|
|
|
|
Linux/DDoS-BD
|
|
|
|
LINUX/Setag.axyb
|
|
|
|
Linux/Setag.B.Gen
|
|
|
|
Linux.Trojan.Ganiw
|
|
|
|
Linux.Trojan.Siggen.D
|
|
|
|
Malicious (score: 99)
|
|
|
|
Malware@#3xsifarbkt6j
|
|
|
|
malware (ai score=100)
|
|
|
|
Malware.LINUX/Setag.axyb
|
|
|
|
Script.Ks.Malware.14758
|
|
|
|
Static AI - Malicious ELF
|
|
|
|
Trojan.Elf32.Ganiw.dirahp
|
|
|
|
Trojan.Linux.Agent
|
|
|
|
Trojan.Linux.Elknot.atAE
|
|
|
|
Trojan.Linux.Ganiw.a
|
|
|
|
Trojan.Malware.121218.susgen
|
|
|
|
Trojan.U.Gen.tr
|
|
|
|
Trojan/Win32.PowerGhost.a
|