65 lines
1.6 KiB
Markdown
65 lines
1.6 KiB
Markdown
|
# Sample Information
|
||
|
|
||
|
<table>
|
||
|
<tr>
|
||
|
<td><b>VirusTotal Threat Label</b></td>
|
||
|
<td><b><span style="color: red">trojan.perfctl/expl</span></b></td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><b>md5</b></td>
|
||
|
<td>656e22c65bf7c04d87b5afbe52b8d800</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><b>sha1</b></td>
|
||
|
<td>0fd199053171fec86be186106eac717c4edae2ad</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><b>sha256</b></td>
|
||
|
<td>22e4a57ac560ebe1eff8957906589f4dd5934ee555ebcc0f7ba613b07fad2c13</td>
|
||
|
</tr>
|
||
|
<tr>
|
||
|
<td><b>sha512</b></td>
|
||
|
<td>697954f75e391a6cc600b7d40509ac1a1515cb0a4234cc3ae4270beaf7bbc3a3da23a9cd4f25e0eb4f5956d24ca3866e2574dc9493644845aac1063e1e4b0183</td>
|
||
|
</tr>
|
||
|
</table>
|
||
|
|
||
|
**VirusTotal**: https://www.virustotal.com/gui/file/22e4a57ac560ebe1eff8957906589f4dd5934ee555ebcc0f7ba613b07fad2c13
|
||
|
|
||
|
## Analysis
|
||
|
|
||
|
![analysis](analysis/sample.svg)
|
||
|
|
||
|
## Detection Names
|
||
|
|
||
|
a variant of Linux/Exploit.CVE-2021-4034.S
|
||
|
Detected
|
||
|
E64/ABRisk.TMMV-18
|
||
|
ELF:Agent-DBG [Expl]
|
||
|
Elf.Perfctl.49115.GC
|
||
|
ELF/TrojanGen.A
|
||
|
elf.trojan.perfctl
|
||
|
EXP/AVI.CVE.suebo
|
||
|
Exp:Linux/CVE.2021.4034
|
||
|
Exploit.CVE-2021-4034
|
||
|
Exploit.CVE-2021-4034!8.131F2 (CLOUD)
|
||
|
Exploit.EXP/AVI.CVE.suebo
|
||
|
Exploit/Linux.CVE-2021-4034.b
|
||
|
Generic trojan.abb
|
||
|
Linux.MulDrop.137
|
||
|
Linux.Risktool.Bitcoinminer.Etgl
|
||
|
Linux.Troj.Undef.a
|
||
|
Mal/Generic-S
|
||
|
Malicious_Behavior.SB
|
||
|
Malicious (score: 99)
|
||
|
not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.gen
|
||
|
PUA.Gen.2
|
||
|
RiskTool.Linux.dxq
|
||
|
Riskware.Elf64.AVI.kpwgpj
|
||
|
Trojan.Linux.Generic.324520
|
||
|
Trojan.Linux.Generic.324520 (B)
|
||
|
Trojan.Linux.Generic.D4F3A8
|
||
|
Trojan.Linux.PERFCTL.A
|
||
|
Trojan:Linux/Perfctl!MTB
|
||
|
Trojan/Win64.CoinMiner.xmr
|
||
|
Unix.Exploit.Generic-10016938-0
|