malware-dataset/linux/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161/README.md

# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.sliver/malgo</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>bc5420177b32242d5de286662258639d</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>91593d3f07b3c13790ecf98daaaae0cdac800f2f</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>0ad3c97a0ed49b8ccfaa2047ce90ce92ea2e6a4cfb3385e117cd759134ea09867c65d5b6bc81e47f94728daf07a93da8547bb37da47e877d624664dbd87f6f57</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161

## Analysis

<img src="analysis/sample.svg" style="max-width:800em;"/>

## Detection Names

a variant of Linux/Packed.Obfuscated.B suspicious  
Backdoor.Sliver!1.FCA0 (CLOUD)  
Detected  
E64/ABRisk.RBUI-4  
ELF:Sliver-G [Trj]  
HEUR:Trojan.Multi.MalGO.gen  
LINUX/AVA.Sliver.vqxpa  
Linux.Troj.Unknown.a  
Mal/Generic-S  
Malicious (score: 99)  
malware (ai score=99)  
Malware.LINUX/AVA.Sliver.vqxpa  
Multi.Trojan.Sliver  
Program:Linux/Multiverze  
Riskware/Application  
Static AI - Malicious ELF  
Trojan.Gen.NPE  
Trojan.Linux.Generic.361606  
Trojan.Linux.Generic.361606 (B)  
Trojan.Linux.Generic.D58486  
Trojan/Linux.MalGO.gen  
Trojan:Linux/MalGO.gyf  
Trojan.Linux.Sliver.4!c  
TROJ_GEN.R002H09FP24  
Unix.Malware.Sliver-10012938-0  
Win32.Trojan.Malgo.Ximw
sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`# Sample Information`

			`<table>`
			`<tr>`
			`<td><b>VirusTotal Threat Label</b></td>`
			`<td><b><span style="color: red">trojan.sliver/malgo</span></b></td>`
			`</tr>`
			`<tr>`
			`<td><b>md5</b></td>`
			`<td>bc5420177b32242d5de286662258639d</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha1</b></td>`
			`<td>91593d3f07b3c13790ecf98daaaae0cdac800f2f</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha256</b></td>`
			`<td>d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha512</b></td>`
			`<td>0ad3c97a0ed49b8ccfaa2047ce90ce92ea2e6a4cfb3385e117cd759134ea09867c65d5b6bc81e47f94728daf07a93da8547bb37da47e877d624664dbd87f6f57</td>`
			`</tr>`
			`</table>`

			`VirusTotal: https://www.virustotal.com/gui/file/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161`

embed markdown links 2024-07-02 12:51:39 +00:00			`## Analysis`

attempt with max-width 2024-07-02 13:14:20 +00:00			`<img src="analysis/sample.svg" style="max-width:800em;"/>`
embed markdown links 2024-07-02 12:51:39 +00:00
sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`## Detection Names`

			`a variant of Linux/Packed.Obfuscated.B suspicious`
			`Backdoor.Sliver!1.FCA0 (CLOUD)`
			`Detected`
			`E64/ABRisk.RBUI-4`
			`ELF:Sliver-G [Trj]`
			`HEUR:Trojan.Multi.MalGO.gen`
			`LINUX/AVA.Sliver.vqxpa`
			`Linux.Troj.Unknown.a`
			`Mal/Generic-S`
			`Malicious (score: 99)`
			`malware (ai score=99)`
			`Malware.LINUX/AVA.Sliver.vqxpa`
			`Multi.Trojan.Sliver`
			`Program:Linux/Multiverze`
			`Riskware/Application`
			`Static AI - Malicious ELF`
			`Trojan.Gen.NPE`
			`Trojan.Linux.Generic.361606`
			`Trojan.Linux.Generic.361606 (B)`
			`Trojan.Linux.Generic.D58486`
			`Trojan/Linux.MalGO.gen`
			`Trojan:Linux/MalGO.gyf`
			`Trojan.Linux.Sliver.4!c`
			`TROJ_GEN.R002H09FP24`
			`Unix.Malware.Sliver-10012938-0`
			`Win32.Trojan.Malgo.Ximw`