2024-07-02 11:41:17 +00:00
|
|
|
# Sample Information
|
|
|
|
|
|
|
|
<table>
|
|
|
|
<tr>
|
|
|
|
<td><b>VirusTotal Threat Label</b></td>
|
|
|
|
<td><b><span style="color: red">trojan.bpfdoor</span></b></td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>md5</b></td>
|
|
|
|
<td>0017f7b913ce66e4d80f7e78cf830a2b</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha1</b></td>
|
|
|
|
<td>f1bf775746a5c882b9ec003617b2a70cf5a5b029</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha256</b></td>
|
|
|
|
<td>fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73</td>
|
|
|
|
</tr>
|
|
|
|
<tr>
|
|
|
|
<td><b>sha512</b></td>
|
|
|
|
<td>ff5dd28ba3f5ce1f85f85fa9b65f9f30fbd300f2ca238cb2713da7077b7a0a8ff094cff4d7de9381726925abdd9ea065fa75ccd02fa5a816b71a6f91479363c1</td>
|
|
|
|
</tr>
|
|
|
|
</table>
|
|
|
|
|
|
|
|
**VirusTotal**: https://www.virustotal.com/gui/file/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73
|
|
|
|
|
2024-07-02 14:18:24 +00:00
|
|
|
## Analysis
|
|
|
|
|
|
|
|
![analysis](analysis/sample.svg)
|
|
|
|
|
2024-07-02 11:41:17 +00:00
|
|
|
## Detection Names
|
|
|
|
|
|
|
|
a variant of Linux/BpfDoor.B
|
|
|
|
Backdoor.BPFDoor/Linux!1.EF16 (CLASSIC)
|
|
|
|
Backdoor.Linux.BPFDoor
|
|
|
|
Backdoor/Linux.Bpfdoor.28832
|
|
|
|
Backdoor:Linux/BPFDoor.A!MTB
|
|
|
|
Backdoor.Linux.BPFDOOR.AS
|
|
|
|
Backdoor.Linux.flhb
|
|
|
|
Backdoor.Trojan
|
|
|
|
Detected
|
|
|
|
E64/Agent.DI
|
|
|
|
ELF:Agent-AOI [Trj]
|
|
|
|
ELF:Agent-BNJ [Trj]
|
|
|
|
ELF.Mirai.47214.GC
|
|
|
|
HEUR:Backdoor.Linux.Agent.co
|
|
|
|
LINUX/Agent.awj
|
|
|
|
Linux/Agent.KC!tr
|
|
|
|
Linux.Backdoor.Agent.Xfow
|
|
|
|
Linux/Bckdr-RYJ
|
|
|
|
Linux.Siggen.3707
|
|
|
|
Linux.Trojan.BPFDoor
|
|
|
|
Linux.Troj.Generic.yz
|
|
|
|
Malicious (score: 99)
|
|
|
|
Malware@#2va7z0hek31ce
|
|
|
|
malware (ai score=100)
|
|
|
|
Malware.LINUX/Agent.awj
|
|
|
|
RDN/Generic BackDoor
|
|
|
|
Static AI - Malicious ELF
|
|
|
|
Suspicious.Linux.Save.a
|
|
|
|
Trojan[Backdoor]/Linux.Agent.co
|
|
|
|
Trojan.BpfDoor.Linux.5
|
|
|
|
Trojan.Linux.Agent
|
|
|
|
Trojan.Linux.BPFDoor.m!c
|
|
|
|
Trojan.Linux.Generic.186585
|
|
|
|
Trojan.Linux.Generic.186585 (B)
|
|
|
|
Trojan.Linux.Generic.D2D8D9
|
|
|
|
Trojan:Linux/LinuxAgent
|
|
|
|
Unix.Backdoor.RedMenshen-9950338-1
|