malware-dataset/linux/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775/README.md

# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.mirai/gafgyt</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>cadc906c5123702e80d8047cabc77170</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>a4e4f736200d84284d67bc41361638ff43f0e99d</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>04e43ef9e24f050a2e1223bbcf3f20bac34913d1425929232fd1bf3e4a3f5e5bbc3dac60c0026682be5540a05cfc72d15c123fd5cc5a41636d517b7c1811d3d8</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

a variant of Linux/Gafgyt.AXI  
Backdoor.Linux.Mirai.wan  
DDoS  
Detected  
E32/ABRisk.EROA-7  
ELF/Mirai.A!tr  
ELF/TrojanGen.A  
Exploit.CVE-2017-17215!8.1058B (TFE:17:5yO1GHIYYTK)  
HEUR:Backdoor.Linux.Mirai.b  
Linux.Backdoor.Mirai.b  
LINUX/Gafgyt.pvebx  
Linux.Siggen.9999  
Mal/Generic-S  
Malicious (score: 99)  
Malware.LINUX/Gafgyt.pvebx  
Other:Malware-gen [Trj]  
Possible_SMMODUPXA  
Suspicious.Linux.Save.a  
Trojan[Backdoor]/Linux.Gafgyt.a  
TrojanDDoS.Linux.nk  
Trojan.Generic.35965739  
Trojan.Generic.35965739 (B)  
Trojan.Generic.D224CB2B  
Trojan.Gen.NPE  
Trojan.Linux.Gafgyt  
Trojan.Linux.Mirai.K!c  
Trojan:Linux/Multiverze  
Trojan.Malware.121218.susgen  
Unix.Trojan.DarkNexus-7679166-0
sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`# Sample Information`

			`<table>`
			`<tr>`
			`<td><b>VirusTotal Threat Label</b></td>`
			`<td><b><span style="color: red">trojan.mirai/gafgyt</span></b></td>`
			`</tr>`
			`<tr>`
			`<td><b>md5</b></td>`
			`<td>cadc906c5123702e80d8047cabc77170</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha1</b></td>`
			`<td>a4e4f736200d84284d67bc41361638ff43f0e99d</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha256</b></td>`
			`<td>44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha512</b></td>`
			`<td>04e43ef9e24f050a2e1223bbcf3f20bac34913d1425929232fd1bf3e4a3f5e5bbc3dac60c0026682be5540a05cfc72d15c123fd5cc5a41636d517b7c1811d3d8</td>`
			`</tr>`
			`</table>`

			`VirusTotal: https://www.virustotal.com/gui/file/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775`

wip-embed-analysis-svg (#3) Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 14:18:24 +00:00			`## Analysis`

			`![analysis](analysis/sample.svg)`

sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`## Detection Names`

			`a variant of Linux/Gafgyt.AXI`
			`Backdoor.Linux.Mirai.wan`
			`DDoS`
			`Detected`
			`E32/ABRisk.EROA-7`
			`ELF/Mirai.A!tr`
			`ELF/TrojanGen.A`
			`Exploit.CVE-2017-17215!8.1058B (TFE:17:5yO1GHIYYTK)`
			`HEUR:Backdoor.Linux.Mirai.b`
			`Linux.Backdoor.Mirai.b`
			`LINUX/Gafgyt.pvebx`
			`Linux.Siggen.9999`
			`Mal/Generic-S`
			`Malicious (score: 99)`
			`Malware.LINUX/Gafgyt.pvebx`
			`Other:Malware-gen [Trj]`
			`Possible_SMMODUPXA`
			`Suspicious.Linux.Save.a`
			`Trojan[Backdoor]/Linux.Gafgyt.a`
			`TrojanDDoS.Linux.nk`
			`Trojan.Generic.35965739`
			`Trojan.Generic.35965739 (B)`
			`Trojan.Generic.D224CB2B`
			`Trojan.Gen.NPE`
			`Trojan.Linux.Gafgyt`
			`Trojan.Linux.Mirai.K!c`
			`Trojan:Linux/Multiverze`
			`Trojan.Malware.121218.susgen`
			`Unix.Trojan.DarkNexus-7679166-0`