malware-dataset/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/README.md

# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.tsunami/kaiten</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>7b1aec339bee5beed674c8cb576bb881</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>28cc31a46db6970ded6900cc3d6a51c0cb068702</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>08867041b15afdfc586eb3b872859deed5c5b2c8abcdd500db04a0b7a190bf9657e1c6a2f184ec6ec7ed6c5e847235da46459b7896053414ff669138442ac2eb</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

a variant of Linux/Tsunami.NCD  
Backdoor.BDS/Katien.R  
Backdoor.Linux.aeeb  
Backdoor:Linux/Tsunami.C!MTB  
Backdoor.Linux.Tsunami.x  
Backdoor.Tsunami/Linux!1.A1B2 (CLASSIC)  
BDS/Katien.R  
DDoS:Linux/Tsunami  
Detected  
E32/Mirai.DJ.gen!Camelot  
ELF_KAITEN.SM  
ELF:Tsunami-A  
ELF:Tsunami-FP [Trj]  
ELF/Tsunami.NCD!tr  
Generic.Malware.GJIFg.78B1411A  
Generic.Malware.GJIFg.78B1411A (B)  
Gen:NN.Mirai.36808  
HEUR:Backdoor.Linux.Tsunami.bh  
Linux/DDoS-Kaiten.gen.a  
Linux.Kaiten  
Linux.Siggen.9999  
Linux.Trojan.Gafgyt  
Linux/Tsunami-A  
Linux/Tsunami.Gen  
Malicious (score: 99)  
malware (ai score=100)  
Script.Ks.Malware.3227  
Static AI - Malicious ELF  
Suspicious.Linux.Save.a  
Trojan ( 0040f09d1 )  
Trojan.Elf32.Tsunami.knlqdv  
Trojan.Linux.Mirai  
Trojan/Linux.Tsunami.a  
Trojan.Linux.Tsunami.m!c  
Win.Trojan.Tsunami-5
sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`# Sample Information`

			`<table>`
			`<tr>`
			`<td><b>VirusTotal Threat Label</b></td>`
			`<td><b><span style="color: red">trojan.tsunami/kaiten</span></b></td>`
			`</tr>`
			`<tr>`
			`<td><b>md5</b></td>`
			`<td>7b1aec339bee5beed674c8cb576bb881</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha1</b></td>`
			`<td>28cc31a46db6970ded6900cc3d6a51c0cb068702</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha256</b></td>`
			`<td>e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b</td>`
			`</tr>`
			`<tr>`
			`<td><b>sha512</b></td>`
			`<td>08867041b15afdfc586eb3b872859deed5c5b2c8abcdd500db04a0b7a190bf9657e1c6a2f184ec6ec7ed6c5e847235da46459b7896053414ff669138442ac2eb</td>`
			`</tr>`
			`</table>`

			`VirusTotal: https://www.virustotal.com/gui/file/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b`

wip-embed-analysis-svg (#3) Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 14:18:24 +00:00			`## Analysis`

			`![analysis](analysis/sample.svg)`

sample-doc-attempt Reviewed-on: https://helga.circl.lu/NGSOTI/malware-dataset/pulls/2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu> 2024-07-02 11:41:17 +00:00			`## Detection Names`

			`a variant of Linux/Tsunami.NCD`
			`Backdoor.BDS/Katien.R`
			`Backdoor.Linux.aeeb`
			`Backdoor:Linux/Tsunami.C!MTB`
			`Backdoor.Linux.Tsunami.x`
			`Backdoor.Tsunami/Linux!1.A1B2 (CLASSIC)`
			`BDS/Katien.R`
			`DDoS:Linux/Tsunami`
			`Detected`
			`E32/Mirai.DJ.gen!Camelot`
			`ELF_KAITEN.SM`
			`ELF:Tsunami-A`
			`ELF:Tsunami-FP [Trj]`
			`ELF/Tsunami.NCD!tr`
			`Generic.Malware.GJIFg.78B1411A`
			`Generic.Malware.GJIFg.78B1411A (B)`
			`Gen:NN.Mirai.36808`
			`HEUR:Backdoor.Linux.Tsunami.bh`
			`Linux/DDoS-Kaiten.gen.a`
			`Linux.Kaiten`
			`Linux.Siggen.9999`
			`Linux.Trojan.Gafgyt`
			`Linux/Tsunami-A`
			`Linux/Tsunami.Gen`
			`Malicious (score: 99)`
			`malware (ai score=100)`
			`Script.Ks.Malware.3227`
			`Static AI - Malicious ELF`
			`Suspicious.Linux.Save.a`
			`Trojan ( 0040f09d1 )`
			`Trojan.Elf32.Tsunami.knlqdv`
			`Trojan.Linux.Mirai`
			`Trojan/Linux.Tsunami.a`
			`Trojan.Linux.Tsunami.m!c`
			`Win.Trojan.Tsunami-5`