2024-07-02 11:41:17 +00:00
|
|
|
# Sample Information
|
|
|
|
|
|
|
|
<table>
|
|
|
|
<tr>
|
|
|
|
<td><b>VirusTotal Threat Label</b></td>
|
|
|
|
<td><b><span style="color: red">trojan.cornelgen/expl</span></b></td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>md5</b></td>
|
|
|
|
<td>e62089b51f3b485b891359accdb11bdc</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha1</b></td>
|
|
|
|
<td>acbe528883175ce934df4edd4fff045a0e2d2d8f</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha256</b></td>
|
|
|
|
<td>6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha512</b></td>
|
|
|
|
<td>7bea4517cfbc816db778296f17c414cf93da4182c014678e214685733fd275401893344277f2d826965c4908c77c1136d53f6a76ff0e3b5d2250c19be9ccaf50</td>
|
|
|
|
</tr>
|
|
|
|
</table>
|
|
|
|
|
|
|
|
**VirusTotal**: https://www.virustotal.com/gui/file/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04
|
|
|
|
|
2024-07-02 14:18:24 +00:00
|
|
|
## Analysis
|
|
|
|
|
|
|
|
![analysis](analysis/sample.svg)
|
|
|
|
|
2024-07-02 11:41:17 +00:00
|
|
|
## Detection Names
|
|
|
|
|
|
|
|
Artemis!Trojan
|
|
|
|
Detected
|
|
|
|
ELF:CVE-2010-3081-E [Expl]
|
|
|
|
ELF_EXPLOYT.LL
|
|
|
|
EXP/CVE-2010-3081.B
|
|
|
|
Exp:Linux/CVE.2010.3081
|
|
|
|
Exploit.Agent!8.1B (TFE:14:90c1BLtlaUT)
|
|
|
|
Exploit.Agent.Linux.4
|
|
|
|
Exploit.Elf32.CVE20103081.dxkfls
|
|
|
|
Exploit.EXP/CVE-2010-3081.B
|
|
|
|
Exploit.Linux.ahn
|
|
|
|
Exploit:Linux/CVE-2010-3081.A!MTB
|
|
|
|
Exploit.MS04.CVE-2004-0210-2010-3081.B
|
|
|
|
Hacktool.Linux.Agent.3!c
|
|
|
|
HEUR:Exploit.Linux.Agent.a
|
|
|
|
Linux.CornelGEN.1714
|
|
|
|
Linux.CornelGEN.1714 (B)
|
|
|
|
Linux.CornelGEN.D6B2
|
|
|
|
Linux/Exploit.Agent.AY
|
|
|
|
Linux.Exploit.Agent.Qgil
|
|
|
|
Linux.Exploit.CVE-2010-3081.1
|
|
|
|
Malicious (score: 99)
|
|
|
|
Malware@#57nwy1j6aalm
|
|
|
|
malware (ai score=96)
|
|
|
|
Static AI - Suspicious ELF
|
|
|
|
Trojan[Exploit]/Linux.Agent.a
|
|
|
|
Trojan.Gen.NPE
|
|
|
|
Unix.Malware.Agent-7437248-0
|