malware-dataset/linux/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05/README.md

# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.expl/genericrxtd</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>85ed1956d405087848be7cbeded6c7e2</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>e47fa415628cccca044e4f65f125be9a0b8d4ccf</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>80c13bee730b1581d83eaef054e4f002a25a8f41ba848237f3b933a2f3530d4086833eef4a61ca41c54b01d8b10d2c0365081ef18175db5fd8acb2cf67c86130</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

Backdoor[shellcode]:Linux/fackexp.A  
Detected  
E64/Agent.OF  
ELF:Agent-BIN [Expl]  
ELF/TrojanGen.A  
EXP/AVI.Agent.ocayj  
Exploit.Agent  
Exploit.Agent/Linux!1.FD49 (CLASSIC)  
Exploit.EXP/AVI.Agent.ocayj  
GenericRXTD-TM!85ED1956D405  
HEUR:Trojan-Dropper.Linux.Agent.l  
Linux/Exploit.Agent.GU  
Linux.MulDrop.85  
Linux.Trojan-Dropper.Agent.l  
Linux.Trojan-Dropper.Agent.Tnkl  
Malicious (score: 99)  
TrojanDropper.Linux.ed  
Trojan[Exploit]/Linux.Agent.gen  
Trojan.Generic.36318000  
Trojan.Generic.36318000 (B)  
Trojan.Generic.D22A2B30  
Trojan.Gen.NPE  
Trojan.Linux.Agent.b!c  
Trojan:Linux/Multiverze  
TROJ_GEN.R002C0DFD24
sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`# Sample Information`

			`<table>`
			`<tr>`
			`<td><b>VirusTotal Threat Label</b></td>`
			`<td><b><span style="color: red">trojan.expl/genericrxtd</span></b></td>`
			`</tr>`
			`<tr>`
			`<td><b>md5</b></td>`
			`<td>85ed1956d405087848be7cbeded6c7e2</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha1</b></td>`
			`<td>e47fa415628cccca044e4f65f125be9a0b8d4ccf</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha256</b></td>`
			`<td>9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha512</b></td>`
			`<td>80c13bee730b1581d83eaef054e4f002a25a8f41ba848237f3b933a2f3530d4086833eef4a61ca41c54b01d8b10d2c0365081ef18175db5fd8acb2cf67c86130</td>`
			`</tr>`
			`</table>`

			`VirusTotal: https://www.virustotal.com/gui/file/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05`

wip-embed-analysis-svg (#3) Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 14:18:24 +00:00			`## Analysis`

			`![analysis](analysis/sample.svg)`

sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`## Detection Names`

			`Backdoor[shellcode]:Linux/fackexp.A`
			`Detected`
			`E64/Agent.OF`
			`ELF:Agent-BIN [Expl]`
			`ELF/TrojanGen.A`
			`EXP/AVI.Agent.ocayj`
			`Exploit.Agent`
			`Exploit.Agent/Linux!1.FD49 (CLASSIC)`
			`Exploit.EXP/AVI.Agent.ocayj`
			`GenericRXTD-TM!85ED1956D405`
			`HEUR:Trojan-Dropper.Linux.Agent.l`
			`Linux/Exploit.Agent.GU`
			`Linux.MulDrop.85`
			`Linux.Trojan-Dropper.Agent.l`
			`Linux.Trojan-Dropper.Agent.Tnkl`
			`Malicious (score: 99)`
			`TrojanDropper.Linux.ed`
			`Trojan[Exploit]/Linux.Agent.gen`
			`Trojan.Generic.36318000`
			`Trojan.Generic.36318000 (B)`
			`Trojan.Generic.D22A2B30`
			`Trojan.Gen.NPE`
			`Trojan.Linux.Agent.b!c`
			`Trojan:Linux/Multiverze`
			`TROJ_GEN.R002C0DFD24`