+
+ | VirusTotal Threat Label |
+ ransomware.hive/filecoderhive |
+
+
+ | md5 |
+ 171d2a50c6d7e69281d1c3ef98d510f2 |
+
+
+ | sha1 |
+ 322db4ca435004a127acd4171cc52be9edaf5338 |
+
+
+ | sha256 |
+ 713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771 |
+
+
+ | sha512 |
+ 2226d1a5e9c8a2920fa8d327b53e10f135e9b30c8c3d1e7fbb3a59a51df782f106f41f60ad8140a1de4a81ef6b230418126ffb24bd75eab3c3a298ada2f58913 |
+
+
+
+**VirusTotal**: https://www.virustotal.com/gui/file/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771
+
+## Detection Names
+
+Detected
+E64/DCFilcdr.JVGT-
+ELF:Filecoder-CT [Trj]
+ELF/TrojanGen.A
+HEUR:Trojan-Ransom.Linux.Hive.b
+Linux.Encoder.119
+LINUX/Filecoder.gijrz
+Linux/Filecoder_Hive.A!tr
+Linux/Filecoder.Hive.D
+Linux.Ransomware.Hive
+Linux.Trojan-Ransom.Hive.Jqil
+Linux.Troj.Generic.v
+Mal/Generic-S
+Malicious (score: 99)
+malware (ai score=90)
+Malware.LINUX/Filecoder.gijrz
+Ransom-Hive!171D2A50C6D7
+Ransom.Hive!8.12EEE (CLOUD)
+Ransom:Linux/Filecoder!MTB
+Ransom.U.Hive.bot
+RansomWare
+Ransomware/Linux.Hive.2367488
+Trojan.Elf64.Ransom.jyhqzy
+Trojan.Filecoder.Linux.78
+Trojan Horse
+Trojan.Linux.btf
+Trojan.Linux.FILECODERHIVE.USELVL521
+Trojan.Linux.Hive.j!c
+Trojan.Linux.Ransom.224225
+Trojan.Linux.Ransom.224225 (B)
+Trojan.Linux.Ransom.D36BE1
+Trojan-Ransom.Hive
+Trojan.Ransom.Linux.Gen
+Trojan[Ransom]/Linux.Hive.d
+Unix.Ransomware.Deadbolt-9959009-0
+
diff --git a/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/virustotal.json b/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/virustotal.json
new file mode 100644
index 0000000..23358d4
--- /dev/null
+++ b/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/virustotal.json
@@ -0,0 +1,626 @@
+{
+ "ALYac": {
+ "category": "malicious",
+ "engine_name": "ALYac",
+ "engine_update": "20240616",
+ "engine_version": "2.0.0.10",
+ "method": "blacklist",
+ "result": "Trojan.Ransom.Linux.Gen"
+ },
+ "APEX": {
+ "category": "type-unsupported",
+ "engine_name": "APEX",
+ "engine_update": "20240616",
+ "engine_version": "6.543",
+ "method": "blacklist",
+ "result": null
+ },
+ "AVG": {
+ "category": "malicious",
+ "engine_name": "AVG",
+ "engine_update": "20240616",
+ "engine_version": "23.9.8494.0",
+ "method": "blacklist",
+ "result": "ELF:Filecoder-CT [Trj]"
+ },
+ "Acronis": {
+ "category": "undetected",
+ "engine_name": "Acronis",
+ "engine_update": "20240328",
+ "engine_version": "1.2.0.121",
+ "method": "blacklist",
+ "result": null
+ },
+ "AhnLab-V3": {
+ "category": "malicious",
+ "engine_name": "AhnLab-V3",
+ "engine_update": "20240616",
+ "engine_version": "3.25.1.10473",
+ "method": "blacklist",
+ "result": "Ransomware/Linux.Hive.2367488"
+ },
+ "Alibaba": {
+ "category": "type-unsupported",
+ "engine_name": "Alibaba",
+ "engine_update": "20190527",
+ "engine_version": "0.3.0.5",
+ "method": "blacklist",
+ "result": null
+ },
+ "Antiy-AVL": {
+ "category": "malicious",
+ "engine_name": "Antiy-AVL",
+ "engine_update": "20240616",
+ "engine_version": "3.0",
+ "method": "blacklist",
+ "result": "Trojan[Ransom]/Linux.Hive.d"
+ },
+ "Arcabit": {
+ "category": "malicious",
+ "engine_name": "Arcabit",
+ "engine_update": "20240616",
+ "engine_version": "2022.0.0.18",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.D36BE1"
+ },
+ "Avast": {
+ "category": "malicious",
+ "engine_name": "Avast",
+ "engine_update": "20240616",
+ "engine_version": "23.9.8494.0",
+ "method": "blacklist",
+ "result": "ELF:Filecoder-CT [Trj]"
+ },
+ "Avast-Mobile": {
+ "category": "undetected",
+ "engine_name": "Avast-Mobile",
+ "engine_update": "20240616",
+ "engine_version": "240616-00",
+ "method": "blacklist",
+ "result": null
+ },
+ "Avira": {
+ "category": "malicious",
+ "engine_name": "Avira",
+ "engine_update": "20240616",
+ "engine_version": "8.3.3.18",
+ "method": "blacklist",
+ "result": "LINUX/Filecoder.gijrz"
+ },
+ "Baidu": {
+ "category": "undetected",
+ "engine_name": "Baidu",
+ "engine_update": "20190318",
+ "engine_version": "1.0.0.2",
+ "method": "blacklist",
+ "result": null
+ },
+ "BitDefender": {
+ "category": "malicious",
+ "engine_name": "BitDefender",
+ "engine_update": "20240616",
+ "engine_version": "7.2",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225"
+ },
+ "BitDefenderFalx": {
+ "category": "type-unsupported",
+ "engine_name": "BitDefenderFalx",
+ "engine_update": "20240128",
+ "engine_version": "2.0.936",
+ "method": "blacklist",
+ "result": null
+ },
+ "BitDefenderTheta": {
+ "category": "undetected",
+ "engine_name": "BitDefenderTheta",
+ "engine_update": "20240529",
+ "engine_version": "7.2.37796.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "Bkav": {
+ "category": "undetected",
+ "engine_name": "Bkav",
+ "engine_update": "20240616",
+ "engine_version": "2.0.0.1",
+ "method": "blacklist",
+ "result": null
+ },
+ "CAT-QuickHeal": {
+ "category": "undetected",
+ "engine_name": "CAT-QuickHeal",
+ "engine_update": "20240615",
+ "engine_version": "22.00",
+ "method": "blacklist",
+ "result": null
+ },
+ "CMC": {
+ "category": "undetected",
+ "engine_name": "CMC",
+ "engine_update": "20240616",
+ "engine_version": "2.4.2022.1",
+ "method": "blacklist",
+ "result": null
+ },
+ "ClamAV": {
+ "category": "malicious",
+ "engine_name": "ClamAV",
+ "engine_update": "20240616",
+ "engine_version": "1.3.1.0",
+ "method": "blacklist",
+ "result": "Unix.Ransomware.Deadbolt-9959009-0"
+ },
+ "CrowdStrike": {
+ "category": "undetected",
+ "engine_name": "CrowdStrike",
+ "engine_update": "20230417",
+ "engine_version": "1.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "Cybereason": {
+ "category": "undetected",
+ "engine_name": "Cybereason",
+ "engine_update": "20180308",
+ "engine_version": null,
+ "method": "blacklist",
+ "result": null
+ },
+ "Cylance": {
+ "category": "type-unsupported",
+ "engine_name": "Cylance",
+ "engine_update": "20240612",
+ "engine_version": "3.0.0.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "Cynet": {
+ "category": "malicious",
+ "engine_name": "Cynet",
+ "engine_update": "20240616",
+ "engine_version": "4.0.1.1",
+ "method": "blacklist",
+ "result": "Malicious (score: 99)"
+ },
+ "DeepInstinct": {
+ "category": "type-unsupported",
+ "engine_name": "DeepInstinct",
+ "engine_update": "20240606",
+ "engine_version": "5.0.0.8",
+ "method": "blacklist",
+ "result": null
+ },
+ "DrWeb": {
+ "category": "malicious",
+ "engine_name": "DrWeb",
+ "engine_update": "20240616",
+ "engine_version": "7.0.65.5230",
+ "method": "blacklist",
+ "result": "Linux.Encoder.119"
+ },
+ "ESET-NOD32": {
+ "category": "malicious",
+ "engine_name": "ESET-NOD32",
+ "engine_update": "20240616",
+ "engine_version": "29403",
+ "method": "blacklist",
+ "result": "Linux/Filecoder.Hive.D"
+ },
+ "Elastic": {
+ "category": "malicious",
+ "engine_name": "Elastic",
+ "engine_update": "20240613",
+ "engine_version": "4.0.151",
+ "method": "blacklist",
+ "result": "Linux.Ransomware.Hive"
+ },
+ "Emsisoft": {
+ "category": "malicious",
+ "engine_name": "Emsisoft",
+ "engine_update": "20240616",
+ "engine_version": "2024.1.0.53752",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225 (B)"
+ },
+ "F-Secure": {
+ "category": "malicious",
+ "engine_name": "F-Secure",
+ "engine_update": "20240616",
+ "engine_version": "18.10.1547.307",
+ "method": "blacklist",
+ "result": "Malware.LINUX/Filecoder.gijrz"
+ },
+ "FireEye": {
+ "category": "malicious",
+ "engine_name": "FireEye",
+ "engine_update": "20240616",
+ "engine_version": "35.47.0.0",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225"
+ },
+ "Fortinet": {
+ "category": "malicious",
+ "engine_name": "Fortinet",
+ "engine_update": "20240616",
+ "engine_version": "None",
+ "method": "blacklist",
+ "result": "Linux/Filecoder_Hive.A!tr"
+ },
+ "GData": {
+ "category": "malicious",
+ "engine_name": "GData",
+ "engine_update": "20240616",
+ "engine_version": "A:25.38291B:27.36384",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225"
+ },
+ "Google": {
+ "category": "malicious",
+ "engine_name": "Google",
+ "engine_update": "20240616",
+ "engine_version": "1718546438",
+ "method": "blacklist",
+ "result": "Detected"
+ },
+ "Gridinsoft": {
+ "category": "malicious",
+ "engine_name": "Gridinsoft",
+ "engine_update": "20240616",
+ "engine_version": "1.0.179.174",
+ "method": "blacklist",
+ "result": "Ransom.U.Hive.bot"
+ },
+ "Ikarus": {
+ "category": "malicious",
+ "engine_name": "Ikarus",
+ "engine_update": "20240616",
+ "engine_version": "6.3.12.0",
+ "method": "blacklist",
+ "result": "Trojan-Ransom.Hive"
+ },
+ "Jiangmin": {
+ "category": "malicious",
+ "engine_name": "Jiangmin",
+ "engine_update": "20240615",
+ "engine_version": "16.0.100",
+ "method": "blacklist",
+ "result": "Trojan.Linux.btf"
+ },
+ "K7AntiVirus": {
+ "category": "undetected",
+ "engine_name": "K7AntiVirus",
+ "engine_update": "20240616",
+ "engine_version": "12.168.52308",
+ "method": "blacklist",
+ "result": null
+ },
+ "K7GW": {
+ "category": "undetected",
+ "engine_name": "K7GW",
+ "engine_update": "20240616",
+ "engine_version": "12.168.52309",
+ "method": "blacklist",
+ "result": null
+ },
+ "Kaspersky": {
+ "category": "malicious",
+ "engine_name": "Kaspersky",
+ "engine_update": "20240616",
+ "engine_version": "22.0.1.28",
+ "method": "blacklist",
+ "result": "HEUR:Trojan-Ransom.Linux.Hive.b"
+ },
+ "Kingsoft": {
+ "category": "malicious",
+ "engine_name": "Kingsoft",
+ "engine_update": "20230906",
+ "engine_version": "None",
+ "method": "blacklist",
+ "result": "Linux.Troj.Generic.v"
+ },
+ "Lionic": {
+ "category": "malicious",
+ "engine_name": "Lionic",
+ "engine_update": "20240616",
+ "engine_version": "7.5",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Hive.j!c"
+ },
+ "MAX": {
+ "category": "malicious",
+ "engine_name": "MAX",
+ "engine_update": "20240616",
+ "engine_version": "2023.1.4.1",
+ "method": "blacklist",
+ "result": "malware (ai score=90)"
+ },
+ "Malwarebytes": {
+ "category": "undetected",
+ "engine_name": "Malwarebytes",
+ "engine_update": "20240616",
+ "engine_version": "4.5.5.54",
+ "method": "blacklist",
+ "result": null
+ },
+ "MaxSecure": {
+ "category": "undetected",
+ "engine_name": "MaxSecure",
+ "engine_update": "20240614",
+ "engine_version": "1.0.0.1",
+ "method": "blacklist",
+ "result": null
+ },
+ "McAfee": {
+ "category": "undetected",
+ "engine_name": "McAfee",
+ "engine_update": "20240616",
+ "engine_version": "6.0.6.653",
+ "method": "blacklist",
+ "result": null
+ },
+ "McAfeeD": {
+ "category": "type-unsupported",
+ "engine_name": "McAfeeD",
+ "engine_update": "20240616",
+ "engine_version": "1.2.0.7628",
+ "method": "blacklist",
+ "result": null
+ },
+ "MicroWorld-eScan": {
+ "category": "malicious",
+ "engine_name": "MicroWorld-eScan",
+ "engine_update": "20240616",
+ "engine_version": "14.0.409.0",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225"
+ },
+ "Microsoft": {
+ "category": "malicious",
+ "engine_name": "Microsoft",
+ "engine_update": "20240616",
+ "engine_version": "1.1.24050.5",
+ "method": "blacklist",
+ "result": "Ransom:Linux/Filecoder!MTB"
+ },
+ "NANO-Antivirus": {
+ "category": "malicious",
+ "engine_name": "NANO-Antivirus",
+ "engine_update": "20240616",
+ "engine_version": "1.0.146.25796",
+ "method": "blacklist",
+ "result": "Trojan.Elf64.Ransom.jyhqzy"
+ },
+ "Paloalto": {
+ "category": "type-unsupported",
+ "engine_name": "Paloalto",
+ "engine_update": "20240616",
+ "engine_version": "0.9.0.1003",
+ "method": "blacklist",
+ "result": null
+ },
+ "Panda": {
+ "category": "malicious",
+ "engine_name": "Panda",
+ "engine_update": "20240616",
+ "engine_version": "4.6.4.2",
+ "method": "blacklist",
+ "result": "ELF/TrojanGen.A"
+ },
+ "Rising": {
+ "category": "malicious",
+ "engine_name": "Rising",
+ "engine_update": "20240616",
+ "engine_version": "25.0.0.27",
+ "method": "blacklist",
+ "result": "Ransom.Hive!8.12EEE (CLOUD)"
+ },
+ "SUPERAntiSpyware": {
+ "category": "undetected",
+ "engine_name": "SUPERAntiSpyware",
+ "engine_update": "20240615",
+ "engine_version": "5.6.0.1032",
+ "method": "blacklist",
+ "result": null
+ },
+ "Sangfor": {
+ "category": "undetected",
+ "engine_name": "Sangfor",
+ "engine_update": "20240614",
+ "engine_version": "2.25.10.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "SentinelOne": {
+ "category": "undetected",
+ "engine_name": "SentinelOne",
+ "engine_update": "20240417",
+ "engine_version": "24.2.1.1",
+ "method": "blacklist",
+ "result": null
+ },
+ "Skyhigh": {
+ "category": "malicious",
+ "engine_name": "Skyhigh",
+ "engine_update": "20240615",
+ "engine_version": "v2021.2.0+4045",
+ "method": "blacklist",
+ "result": "Ransom-Hive!171D2A50C6D7"
+ },
+ "Sophos": {
+ "category": "malicious",
+ "engine_name": "Sophos",
+ "engine_update": "20240616",
+ "engine_version": "2.5.5.0",
+ "method": "blacklist",
+ "result": "Mal/Generic-S"
+ },
+ "Symantec": {
+ "category": "malicious",
+ "engine_name": "Symantec",
+ "engine_update": "20240616",
+ "engine_version": "1.21.0.0",
+ "method": "blacklist",
+ "result": "Trojan Horse"
+ },
+ "SymantecMobileInsight": {
+ "category": "type-unsupported",
+ "engine_name": "SymantecMobileInsight",
+ "engine_update": "20240103",
+ "engine_version": "2.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "TACHYON": {
+ "category": "undetected",
+ "engine_name": "TACHYON",
+ "engine_update": "20240616",
+ "engine_version": "2024-06-16.02",
+ "method": "blacklist",
+ "result": null
+ },
+ "Tencent": {
+ "category": "malicious",
+ "engine_name": "Tencent",
+ "engine_update": "20240616",
+ "engine_version": "1.0.0.1",
+ "method": "blacklist",
+ "result": "Linux.Trojan-Ransom.Hive.Jqil"
+ },
+ "Trapmine": {
+ "category": "type-unsupported",
+ "engine_name": "Trapmine",
+ "engine_update": "20240223",
+ "engine_version": "4.0.16.96",
+ "method": "blacklist",
+ "result": null
+ },
+ "TrendMicro": {
+ "category": "malicious",
+ "engine_name": "TrendMicro",
+ "engine_update": "20240616",
+ "engine_version": "11.0.0.1006",
+ "method": "blacklist",
+ "result": "Trojan.Linux.FILECODERHIVE.USELVL521"
+ },
+ "TrendMicro-HouseCall": {
+ "category": "malicious",
+ "engine_name": "TrendMicro-HouseCall",
+ "engine_update": "20240616",
+ "engine_version": "10.0.0.1040",
+ "method": "blacklist",
+ "result": "Trojan.Linux.FILECODERHIVE.USELVL521"
+ },
+ "Trustlook": {
+ "category": "type-unsupported",
+ "engine_name": "Trustlook",
+ "engine_update": "20240616",
+ "engine_version": "1.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "VBA32": {
+ "category": "undetected",
+ "engine_name": "VBA32",
+ "engine_update": "20240614",
+ "engine_version": "5.0.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "VIPRE": {
+ "category": "malicious",
+ "engine_name": "VIPRE",
+ "engine_update": "20240616",
+ "engine_version": "6.0.0.35",
+ "method": "blacklist",
+ "result": "Trojan.Linux.Ransom.224225"
+ },
+ "Varist": {
+ "category": "malicious",
+ "engine_name": "Varist",
+ "engine_update": "20240616",
+ "engine_version": "6.5.1.2",
+ "method": "blacklist",
+ "result": "E64/DCFilcdr.JVGT-"
+ },
+ "ViRobot": {
+ "category": "undetected",
+ "engine_name": "ViRobot",
+ "engine_update": "20240616",
+ "engine_version": "2014.3.20.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "VirIT": {
+ "category": "undetected",
+ "engine_name": "VirIT",
+ "engine_update": "20240614",
+ "engine_version": "9.5.724",
+ "method": "blacklist",
+ "result": null
+ },
+ "Webroot": {
+ "category": "type-unsupported",
+ "engine_name": "Webroot",
+ "engine_update": "20240616",
+ "engine_version": "1.0.0.403",
+ "method": "blacklist",
+ "result": null
+ },
+ "Xcitium": {
+ "category": "undetected",
+ "engine_name": "Xcitium",
+ "engine_update": "20240616",
+ "engine_version": "36795",
+ "method": "blacklist",
+ "result": null
+ },
+ "Yandex": {
+ "category": "undetected",
+ "engine_name": "Yandex",
+ "engine_update": "20240615",
+ "engine_version": "5.5.2.24",
+ "method": "blacklist",
+ "result": null
+ },
+ "Zillya": {
+ "category": "malicious",
+ "engine_name": "Zillya",
+ "engine_update": "20240615",
+ "engine_version": "2.0.0.5134",
+ "method": "blacklist",
+ "result": "Trojan.Filecoder.Linux.78"
+ },
+ "ZoneAlarm": {
+ "category": "malicious",
+ "engine_name": "ZoneAlarm",
+ "engine_update": "20240616",
+ "engine_version": "1.0",
+ "method": "blacklist",
+ "result": "HEUR:Trojan-Ransom.Linux.Hive.b"
+ },
+ "Zoner": {
+ "category": "undetected",
+ "engine_name": "Zoner",
+ "engine_update": "20240616",
+ "engine_version": "2.2.2.0",
+ "method": "blacklist",
+ "result": null
+ },
+ "alibabacloud": {
+ "category": "malicious",
+ "engine_name": "alibabacloud",
+ "engine_update": "20240614",
+ "engine_version": "2.1.3",
+ "method": "blacklist",
+ "result": "RansomWare"
+ },
+ "tehtris": {
+ "category": "undetected",
+ "engine_name": "tehtris",
+ "engine_update": "20240616",
+ "engine_version": null,
+ "method": "blacklist",
+ "result": null
+ }
+}
diff --git a/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md b/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md
new file mode 100644
index 0000000..4ad3a08
--- /dev/null
+++ b/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md
@@ -0,0 +1,58 @@
+
+# Sample Information
+
+