sample-doc-attempt

Reviewed-on: #2 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu>
2024-07-02 11:41:17 +00:00 · 2024-07-02 11:41:17 +00:00 · 10a862dc51
commit 10a862dc51
parent d73465064b
39 changed files with 12829 additions and 0 deletions
--- a/.gitignore
+++ b/.gitignore
@ -0,0 +1 @@
+.cache
--- a/linux/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd/README.md
+++ b/linux/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd/README.md
@ -0,0 +1,60 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>827461d60dcf9edf8dad7bcd5984fc1a</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>776d18b62f309da5311b0ae40222c19b4efa2a3e</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>481d37773aa434447b52013036be29b98ecc689b7f33bf40025bcdbc897c5f3d2a60ed11b3ad8f36c18b8a58d11292ff524197db5479977b75468786490c0590</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd
+
+## Detection Names
+
+a variant of Linux/Mirai.A  
+Backdoor.Linux.Mirai.wan  
+Backdoor.Mirai/Linux!1.BBED (CLOUD)  
+Backdoor.Mirai.Linux.80659  
+Detected  
+E32/Mirai.ZT  
+ELF/Mirai.A!tr  
+GenericRXHY-TW!827461D60DCF  
+HEUR:Backdoor.Linux.Mirai.b  
+Linux/DDoS-CI  
+Linux.Mirai  
+Linux.Mirai.754  
+Linux.Mirai.BDA  
+LINUX/Mirai.krkyt  
+Malicious (score: 99)  
+malware (ai score=99)  
+Malware.LINUX/Mirai.krkyt  
+Other:Malware-gen [Trj]  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan[Backdoor]/Linux.Mirai.b  
+Trojan.Elf32.Mirai.ftavlz  
+Trojan.Linux.Generic.112611  
+Trojan.Linux.Generic.112611 (B)  
+Trojan.Linux.Generic.D1B7E3  
+Trojan.Linux.Linux.4!c  
+Trojan.Linux.Mirai  
+Trojan:Linux/Mirai  
+Unix.Malware.Agent-7052919-0  
+
--- a/linux/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd/virustotal.json
+++ b/linux/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd/virustotal.json
@ -0,0 +1,594 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20230426",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20230416",
+    "engine_version": "6.408",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230219",
+    "engine_version": "1.2.0.114",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20230426",
+    "engine_version": "3.23.2.10388",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20230426",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Backdoor]/Linux.Mirai.b"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20230425",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.D1B7E3"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20230425",
+    "engine_version": "230425-02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20230426",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "LINUX/Mirai.krkyt"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20230426",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20230419",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20230418",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20230425",
+    "engine_version": "1.3.0.9899",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20230425",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20230425",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20230425",
+    "engine_version": "1.0.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-7052919-0"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20220812",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20230419",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20230425",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "malicious",
+    "engine_name": "Cyren",
+    "engine_update": "20230426",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Mirai.ZT"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20230420",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20230426",
+    "engine_version": "7.0.59.12300",
+    "method": "blacklist",
+    "result": "Linux.Mirai.754"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20230425",
+    "engine_version": "27131",
+    "method": "blacklist",
+    "result": "a variant of Linux/Mirai.A"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20230413",
+    "engine_version": "4.0.85",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20230426",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20230425",
+    "engine_version": "18.10.1137.128",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Mirai.krkyt"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20230426",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20230426",
+    "engine_version": "6.4.258.0",
+    "method": "blacklist",
+    "result": "ELF/Mirai.A!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20230426",
+    "engine_version": "A:25.35717B:27.31465",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20230426",
+    "engine_version": "1682474435",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20230426",
+    "engine_version": "1.0.114.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20230425",
+    "engine_version": "6.1.14.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "undetected",
+    "engine_name": "Jiangmin",
+    "engine_update": "20230425",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20230426",
+    "engine_version": "12.82.47922",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20230425",
+    "engine_version": "12.82.47922",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20230426",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20230426",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Linux.4!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20230426",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=99)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20230425",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20230424",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20230426",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "GenericRXHY-TW!827461D60DCF"
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20230425",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "GenericRXHY-TW!827461D60DCF"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20230426",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20230425",
+    "engine_version": "1.1.20200.4",
+    "method": "blacklist",
+    "result": "Trojan:Linux/Mirai"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20230425",
+    "engine_version": "1.0.146.25757",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Mirai.ftavlz"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20230426",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20230425",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20230425",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai/Linux!1.BBED (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20230423",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20230421",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20230404",
+    "engine_version": "23.2.0.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20230426",
+    "engine_version": "2.1.2.0",
+    "method": "blacklist",
+    "result": "Linux/DDoS-CI"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20230425",
+    "engine_version": "1.20.0.0",
+    "method": "blacklist",
+    "result": "Linux.Mirai"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20230426",
+    "engine_version": "2023-04-26.01",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Mirai.wan"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20230412",
+    "engine_version": "4.0.14.446",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "undetected",
+    "engine_name": "TrendMicro",
+    "engine_update": "20230425",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20230426",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20230426",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20230421",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20230425",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.112611"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20230426",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20230424",
+    "engine_version": "9.5.435",
+    "method": "blacklist",
+    "result": "Linux.Mirai.BDA"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20230425",
+    "engine_version": "35588",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20230425",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20230424",
+    "engine_version": "2.0.0.4859",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai.Linux.80659"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20230425",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20230425",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20230426",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c/README.md
+++ b/linux/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c/README.md
@ -0,0 +1,62 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>a0e1c1e0a2c5cdc8af60beda2b581ee1</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>555c3d3b9ca1010ccfa9533487e264ad7fe34ecd</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>3492b67643a97e7dd607f4d4edc97a36380ed2a85f87fba3ff3e817debff7aa7ad84f7ea884b3340fefe3b0ab37327b789640d3fa6ef1f40acd3b195306a414b</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c
+
+## Detection Names
+
+Artemis!Trojan  
+Backdoor.linux.ganiw.h  
+Backdoor/Linux.ku  
+Backdoor.Linux.Tsunami.CK  
+Backdoor.Linux.Tsunami.CK (B)  
+Backdoor.Setag/Linux!1.A3E5 (CLOUD)  
+Detected  
+ELF:Elknot-AD [Cryp]  
+ELF/Setag.B!tr  
+ELF_SETAG.DM  
+HEUR:Backdoor.Linux.Ganiw.d  
+Linux.BackDoor.Gates.9  
+Linux.BackDoor.Gates.G  
+Linux.Chikdos.B!gen2  
+Linux/DDoS-BD  
+Linux/Elknot.525288  
+LINUX/Setag.332  
+Linux/Setag.B  
+Malicious (score: 99)  
+Malware@#1fpleign4a7nr  
+malware (ai score=100)  
+Malware.LINUX/Setag.332  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan[Backdoor]/Linux.Ganiw.d  
+Trojan.Elf32.Ganiw.eksrqh  
+Trojan.Linux.Agent  
+Trojan.Linux.Ganiw.m!c  
+Trojan:Linux/Multiverze  
+Trojan.Setag.Linux.79  
+Unix.Malware.Agent-1639378  
+
--- a/linux/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c/virustotal.json
+++ b/linux/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c/virustotal.json
@ -0,0 +1,594 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20230426",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20230416",
+    "engine_version": "6.408",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AD [Cryp]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230219",
+    "engine_version": "1.2.0.114",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20230426",
+    "engine_version": "3.23.2.10388",
+    "method": "blacklist",
+    "result": "Linux/Elknot.525288"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20230426",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Backdoor]/Linux.Ganiw.d"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20230425",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AD [Cryp]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20230425",
+    "engine_version": "230425-02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20230425",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "LINUX/Setag.332"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20230426",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20230419",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20230418",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20230425",
+    "engine_version": "1.3.0.9899",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20230425",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20230425",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20230425",
+    "engine_version": "1.0.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-1639378"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20220812",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20230419",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20230425",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "undetected",
+    "engine_name": "Cyren",
+    "engine_update": "20230426",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20230420",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20230426",
+    "engine_version": "7.0.59.12300",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.9"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20230425",
+    "engine_version": "27131",
+    "method": "blacklist",
+    "result": "Linux/Setag.B"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20230413",
+    "engine_version": "4.0.85",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20230426",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20230425",
+    "engine_version": "18.10.1137.128",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Setag.332"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20230426",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20230425",
+    "engine_version": "6.4.258.0",
+    "method": "blacklist",
+    "result": "ELF/Setag.B!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20230426",
+    "engine_version": "A:25.35717B:27.31465",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20230426",
+    "engine_version": "1682470845",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20230426",
+    "engine_version": "1.0.114.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20230425",
+    "engine_version": "6.1.14.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Agent"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20230425",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor/Linux.ku"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20230425",
+    "engine_version": "12.82.47921",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20230425",
+    "engine_version": "12.82.47922",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20230426",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Ganiw.d"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20230426",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ganiw.m!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20230426",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20230425",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20230424",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20230425",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20230425",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Artemis!Trojan"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20230426",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20230425",
+    "engine_version": "1.1.20200.4",
+    "method": "blacklist",
+    "result": "Trojan:Linux/Multiverze"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20230425",
+    "engine_version": "1.0.146.25757",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Ganiw.eksrqh"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20230426",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20230425",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20230425",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Setag/Linux!1.A3E5 (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20230423",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20230421",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20230404",
+    "engine_version": "23.2.0.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20230426",
+    "engine_version": "2.1.2.0",
+    "method": "blacklist",
+    "result": "Linux/DDoS-BD"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20230425",
+    "engine_version": "1.20.0.0",
+    "method": "blacklist",
+    "result": "Linux.Chikdos.B!gen2"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20230426",
+    "engine_version": "2023-04-26.01",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.linux.ganiw.h"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20230412",
+    "engine_version": "4.0.14.446",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20230425",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "ELF_SETAG.DM"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20230426",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "ELF_SETAG.DM"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20230426",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20230421",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20230425",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.CK"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20230425",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20230424",
+    "engine_version": "9.5.435",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.G"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20230425",
+    "engine_version": "35588",
+    "method": "blacklist",
+    "result": "Malware@#1fpleign4a7nr"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20230425",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20230424",
+    "engine_version": "2.0.0.4859",
+    "method": "blacklist",
+    "result": "Trojan.Setag.Linux.79"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20230425",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Ganiw.d"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20230425",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20230426",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe/README.md
+++ b/linux/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe/README.md
@ -0,0 +1,65 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.mirai/r002c0dfd24</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>2c77be94e0ad2d6e149ba72c1446e39a</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>66eac493ef0af8dbe92f875200ff6604674f1541</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>c2a19d703b9f734da8f85b2caf12a38a47077938753222355897012fa570f87e906203a9a8bca0c66cbd2579d7e0c1f2df2132a150f4891819e8246a71b6190d</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe
+
+## Detection Names
+
+Artemis  
+a variant of Linux/Mirai.CGA  
+Backdoor.Linux.iurg  
+Backdoor:Linux/Mirai.GO!MTB  
+Backdoor.Mirai/Linux!8.13285 (C64:YzY0OiCCCdak1Hd9)  
+DDoS:Linux/Mirai.CUZ  
+Detected  
+E32/Mirai.G.gen!Camelot  
+ELF:Mirai-CRS [Trj]  
+ELF/TrojanGen.A  
+EXP/ELF.Agent.J.12  
+Exploit.EXP/ELF.Agent.J.12  
+Gen:NN.Mirai.36808  
+HEUR:Backdoor.Linux.Mirai.hh  
+Linux.Backdoor.Mirai.hh  
+Linux.Generic.Threat  
+Linux.Mirai.8384  
+Linux/Mirai.CGA!tr  
+Mal/Generic-S  
+Malicious (score: 99)  
+malware (ai score=99)  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan ( 0040f9431 )  
+Trojan[Backdoor]/Linux.Mirai.hh  
+Trojan.Gen.NPE  
+Trojan.Linux.Generic.D7997  
+Trojan.Linux.GenericKD.31127  
+Trojan.Linux.GenericKD.31127 (B)  
+Trojan.Linux.Mirai  
+Trojan.Linux.Mirai.cad  
+Trojan.Linux.Mirai.K!c  
+TROJ_GEN.R002C0DFD24  
+Unix.Trojan.Mirai-9950938-0  
+
--- a/linux/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe/virustotal.json
+++ b/linux/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240702",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240701",
+    "engine_version": "6.548",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Mirai-CRS [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240702",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240702",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Backdoor]/Linux.Mirai.hh"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240702",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.D7997"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Mirai-CRS [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240701",
+    "engine_version": "240701-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240702",
+    "engine_version": "8.3.3.20",
+    "method": "blacklist",
+    "result": "EXP/ELF.Agent.J.12"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240702",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "malicious",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": "Gen:NN.Mirai.36808"
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240701",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240702",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240701",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Trojan.Mirai-9950938-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240702",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240702",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Mirai.8384"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240701",
+    "engine_version": "29484",
+    "method": "blacklist",
+    "result": "a variant of Linux/Mirai.CGA"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240701",
+    "engine_version": "4.0.156",
+    "method": "blacklist",
+    "result": "Linux.Generic.Threat"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240702",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240702",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Exploit.EXP/ELF.Agent.J.12"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240702",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240702",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux/Mirai.CGA!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240702",
+    "engine_version": "A:25.38393B:27.36571",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240702",
+    "engine_version": "1719898240",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240701",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240701",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.iurg"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "malicious",
+    "engine_name": "K7GW",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": "Trojan ( 0040f9431 )"
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240702",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.hh"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Backdoor.Mirai.hh"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240701",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai.K!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240702",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=99)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240702",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240701",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240702",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240702",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/Mirai.GO!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240702",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240702",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "malicious",
+    "engine_name": "Panda",
+    "engine_update": "20240701",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": "ELF/TrojanGen.A"
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240702",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai/Linux!8.13285 (C64:YzY0OiCCCdak1Hd9)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240702",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240702",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240701",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Artemis"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240702",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Mal/Generic-S"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240702",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240701",
+    "engine_version": "2024-07-01.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai.cad"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240702",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002C0DFD24"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240702",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002C0DFD24"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240701",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240701",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.GenericKD.31127"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240702",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Mirai.G.gen!Camelot"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240702",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240701",
+    "engine_version": "9.5.735",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240702",
+    "engine_version": "36840",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240701",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.5144",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.hh"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240702",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "DDoS:Linux/Mirai.CUZ"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240702",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08/README.md
+++ b/linux/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08/README.md
@ -0,0 +1,53 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>836141ff2bacfb24243b2a7dd9ab535b</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>88db296aeec228756dd7854d7d88e412a98331e2</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>b5e99d3bf005a41bf1db8048484929ff06a3510f9f9146ff68560e17e56dd3f0a3f990ccea67d5821f261987141844f0358d95de5be655c9197214892152c622</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08
+
+## Detection Names
+
+a variant of Linux/Mirai.BR  
+Backdoor.Linux.ckja  
+Backdoor.Linux.Mirai.was  
+Backdoor.Mirai/Linux!1.BAF6 (CLOUD)  
+Backdoor.Mirai.Linux.50936  
+HEUR:Backdoor.Linux.Mirai.dx  
+Linux.Mirai  
+Linux.Mirai.1439  
+Linux/Mirai.BR!tr  
+Linux.Mirai.CDJ  
+LINUX/Mirai.mmvhk  
+Malicious (score: 99)  
+Other:Malware-gen [Trj]  
+RDN/Generic BackDoor.vq  
+Trojan.Linux.Generic.48222  
+Trojan.Linux.Generic.48222 (B)  
+Trojan.Linux.Generic.DBC5E  
+Trojan.Linux.Mirai  
+Trojan.Linux.Mirai.K!c  
+Trojan.Mirai.fmuckw  
+Trojan:Win32/Mirai!ml  
+Unix.Malware.Agent-6885382-0  
+
--- a/linux/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08/virustotal.json
+++ b/linux/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08/virustotal.json
@ -0,0 +1,586 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20220111",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20220110",
+    "engine_version": "6.248",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20220111",
+    "engine_version": "21.1.5827.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20210512",
+    "engine_version": "1.1.1.82",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ad-Aware": {
+    "category": "malicious",
+    "engine_name": "Ad-Aware",
+    "engine_update": "20220111",
+    "engine_version": "3.0.21.193",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20220110",
+    "engine_version": "3.21.2.10258",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "undetected",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20220111",
+    "engine_version": "3.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20220111",
+    "engine_version": "1.0.0.888",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.DBC5E"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20220111",
+    "engine_version": "21.1.5827.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20220110",
+    "engine_version": "220110-04",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20220111",
+    "engine_version": "8.3.3.12",
+    "method": "blacklist",
+    "result": "LINUX/Mirai.mmvhk"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20220111",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20220103",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20211223",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20220110",
+    "engine_version": "1.3.0.9899",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20220110",
+    "engine_version": "14.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20211026",
+    "engine_version": "2.10.2019.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20220110",
+    "engine_version": "0.104.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-6885382-0"
+  },
+  "Comodo": {
+    "category": "undetected",
+    "engine_name": "Comodo",
+    "engine_update": "20220110",
+    "engine_version": "34252",
+    "method": "blacklist",
+    "result": null
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20210203",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "type-unsupported",
+    "engine_name": "Cybereason",
+    "engine_update": "20210330",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20220111",
+    "engine_version": "2.3.1.101",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20220111",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "undetected",
+    "engine_name": "Cyren",
+    "engine_update": "20220111",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20220111",
+    "engine_version": "7.0.52.8270",
+    "method": "blacklist",
+    "result": "Linux.Mirai.1439"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20220111",
+    "engine_version": "24599",
+    "method": "blacklist",
+    "result": "a variant of Linux/Mirai.BR"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20211223",
+    "engine_version": "4.0.32",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20220111",
+    "engine_version": "2021.5.0.7597",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222 (B)"
+  },
+  "F-Secure": {
+    "category": "undetected",
+    "engine_name": "F-Secure",
+    "engine_update": "20220111",
+    "engine_version": "12.0.86.52",
+    "method": "blacklist",
+    "result": null
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20220111",
+    "engine_version": "32.44.1.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20220111",
+    "engine_version": "6.2.142.0",
+    "method": "blacklist",
+    "result": "Linux/Mirai.BR!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20220111",
+    "engine_version": "A:25.31993B:27.25825",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20220111",
+    "engine_version": "1.0.68.170",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20220110",
+    "engine_version": "0.1.5.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20220110",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.ckja"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20220111",
+    "engine_version": "11.241.40275",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20220110",
+    "engine_version": "11.241.40265",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20220111",
+    "engine_version": "21.0.1.45",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.dx"
+  },
+  "Kingsoft": {
+    "category": "undetected",
+    "engine_name": "Kingsoft",
+    "engine_update": "20220111",
+    "engine_version": "2017.9.26.565",
+    "method": "blacklist",
+    "result": null
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20220111",
+    "engine_version": "4.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai.K!c"
+  },
+  "MAX": {
+    "category": "undetected",
+    "engine_name": "MAX",
+    "engine_update": "20220111",
+    "engine_version": "2019.9.16.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20220111",
+    "engine_version": "4.2.2.27",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20220105",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20220111",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "RDN/Generic BackDoor.vq"
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20220111",
+    "engine_version": "v2019.1.2+3728",
+    "method": "blacklist",
+    "result": "RDN/Generic BackDoor.vq"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20220111",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.48222"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20220111",
+    "engine_version": "1.1.18800.4",
+    "method": "blacklist",
+    "result": "Trojan:Win32/Mirai!ml"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20220111",
+    "engine_version": "1.0.146.25520",
+    "method": "blacklist",
+    "result": "Trojan.Mirai.fmuckw"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20220111",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20220110",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20220111",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai/Linux!1.BAF6 (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20220108",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20211224",
+    "engine_version": "2.9.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "type-unsupported",
+    "engine_name": "SentinelOne",
+    "engine_update": "20211129",
+    "engine_version": "7.0.0.7",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sophos": {
+    "category": "undetected",
+    "engine_name": "Sophos",
+    "engine_update": "20220111",
+    "engine_version": "1.4.1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20220110",
+    "engine_version": "1.16.0.0",
+    "method": "blacklist",
+    "result": "Linux.Mirai"
+  },
+  "SymantecMobileInsight": {
+    "category": "failure",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20211119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20220111",
+    "engine_version": "2022-01-11.01",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20220111",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Mirai.was"
+  },
+  "TrendMicro": {
+    "category": "undetected",
+    "engine_name": "TrendMicro",
+    "engine_update": "20220111",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20220110",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20220111",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20220110",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "undetected",
+    "engine_name": "VIPRE",
+    "engine_update": "20220111",
+    "engine_version": "98290",
+    "method": "blacklist",
+    "result": null
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20220110",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20220110",
+    "engine_version": "9.5.108",
+    "method": "blacklist",
+    "result": "Linux.Mirai.CDJ"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20220111",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20220110",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20220109",
+    "engine_version": "2.0.0.4542",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai.Linux.50936"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20220110",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "eGambit": {
+    "category": "type-unsupported",
+    "engine_name": "eGambit",
+    "engine_update": "20220111",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775/README.md
+++ b/linux/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775/README.md
@ -0,0 +1,60 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.mirai/gafgyt</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>cadc906c5123702e80d8047cabc77170</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>a4e4f736200d84284d67bc41361638ff43f0e99d</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>04e43ef9e24f050a2e1223bbcf3f20bac34913d1425929232fd1bf3e4a3f5e5bbc3dac60c0026682be5540a05cfc72d15c123fd5cc5a41636d517b7c1811d3d8</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775
+
+## Detection Names
+
+a variant of Linux/Gafgyt.AXI  
+Backdoor.Linux.Mirai.wan  
+DDoS  
+Detected  
+E32/ABRisk.EROA-7  
+ELF/Mirai.A!tr  
+ELF/TrojanGen.A  
+Exploit.CVE-2017-17215!8.1058B (TFE:17:5yO1GHIYYTK)  
+HEUR:Backdoor.Linux.Mirai.b  
+Linux.Backdoor.Mirai.b  
+LINUX/Gafgyt.pvebx  
+Linux.Siggen.9999  
+Mal/Generic-S  
+Malicious (score: 99)  
+Malware.LINUX/Gafgyt.pvebx  
+Other:Malware-gen [Trj]  
+Possible_SMMODUPXA  
+Suspicious.Linux.Save.a  
+Trojan[Backdoor]/Linux.Gafgyt.a  
+TrojanDDoS.Linux.nk  
+Trojan.Generic.35965739  
+Trojan.Generic.35965739 (B)  
+Trojan.Generic.D224CB2B  
+Trojan.Gen.NPE  
+Trojan.Linux.Gafgyt  
+Trojan.Linux.Mirai.K!c  
+Trojan:Linux/Multiverze  
+Trojan.Malware.121218.susgen  
+Unix.Trojan.DarkNexus-7679166-0  
+
--- a/linux/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775/virustotal.json
+++ b/linux/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240629",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240628",
+    "engine_version": "6.547",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240629",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240629",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240629",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Backdoor]/Linux.Gafgyt.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240629",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Generic.D224CB2B"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240629",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240629",
+    "engine_version": "240629-04",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240629",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "LINUX/Gafgyt.pvebx"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240629",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240629",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240628",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240628",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240629",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Trojan.DarkNexus-7679166-0"
+  },
+  "CrowdStrike": {
+    "category": "timeout",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240629",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240629",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Siggen.9999"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240629",
+    "engine_version": "29474",
+    "method": "blacklist",
+    "result": "a variant of Linux/Gafgyt.AXI"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20240628",
+    "engine_version": "4.0.155",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240629",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240629",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Gafgyt.pvebx"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240629",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240629",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "ELF/Mirai.A!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240629",
+    "engine_version": "A:25.38373B:27.36538",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240629",
+    "engine_version": "1719655229",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240629",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240629",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Gafgyt"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240628",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "TrojanDDoS.Linux.nk"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240629",
+    "engine_version": "12.170.52445",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240629",
+    "engine_version": "12.170.52444",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240629",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Backdoor.Mirai.b"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240629",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai.K!c"
+  },
+  "MAX": {
+    "category": "undetected",
+    "engine_name": "MAX",
+    "engine_update": "20240629",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240629",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "malicious",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240628",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Malware.121218.susgen"
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240628",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240629",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240629",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240629",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Trojan:Linux/Multiverze"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240629",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240629",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "malicious",
+    "engine_name": "Panda",
+    "engine_update": "20240628",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": "ELF/TrojanGen.A"
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240629",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Exploit.CVE-2017-17215!8.1058B (TFE:17:5yO1GHIYYTK)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240629",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240627",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "failure",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Skyhigh": {
+    "category": "undetected",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240628",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240629",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Mal/Generic-S"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240628",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240629",
+    "engine_version": "2024-06-29.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240629",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Mirai.wan"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240629",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "Possible_SMMODUPXA"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240629",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240629",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240628",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240629",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Generic.35965739"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240629",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/ABRisk.EROA-7"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240628",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240628",
+    "engine_version": "9.5.734",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240629",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240629",
+    "engine_version": "36832",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240629",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240628",
+    "engine_version": "2.0.0.5143",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240629",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240629",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "DDoS"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240629",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04/README.md
+++ b/linux/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04/README.md
@ -0,0 +1,59 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.cornelgen/expl</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>e62089b51f3b485b891359accdb11bdc</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>acbe528883175ce934df4edd4fff045a0e2d2d8f</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>7bea4517cfbc816db778296f17c414cf93da4182c014678e214685733fd275401893344277f2d826965c4908c77c1136d53f6a76ff0e3b5d2250c19be9ccaf50</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04
+
+## Detection Names
+
+Artemis!Trojan  
+Detected  
+ELF:CVE-2010-3081-E [Expl]  
+ELF_EXPLOYT.LL  
+EXP/CVE-2010-3081.B  
+Exp:Linux/CVE.2010.3081  
+Exploit.Agent!8.1B (TFE:14:90c1BLtlaUT)  
+Exploit.Agent.Linux.4  
+Exploit.Elf32.CVE20103081.dxkfls  
+Exploit.EXP/CVE-2010-3081.B  
+Exploit.Linux.ahn  
+Exploit:Linux/CVE-2010-3081.A!MTB  
+Exploit.MS04.CVE-2004-0210-2010-3081.B  
+Hacktool.Linux.Agent.3!c  
+HEUR:Exploit.Linux.Agent.a  
+Linux.CornelGEN.1714  
+Linux.CornelGEN.1714 (B)  
+Linux.CornelGEN.D6B2  
+Linux/Exploit.Agent.AY  
+Linux.Exploit.Agent.Qgil  
+Linux.Exploit.CVE-2010-3081.1  
+Malicious (score: 99)  
+Malware@#57nwy1j6aalm  
+malware (ai score=96)  
+Static AI - Suspicious ELF  
+Trojan[Exploit]/Linux.Agent.a  
+Trojan.Gen.NPE  
+Unix.Malware.Agent-7437248-0  
+
--- a/linux/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04/virustotal.json
+++ b/linux/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240611",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240610",
+    "engine_version": "6.541",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240611",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:CVE-2010-3081-E [Expl]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240611",
+    "engine_version": "3.25.1.10473",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240611",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Exploit]/Linux.Agent.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240611",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.D6B2"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240611",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:CVE-2010-3081-E [Expl]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240611",
+    "engine_version": "240611-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240611",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "EXP/CVE-2010-3081.B"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240611",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240529",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240611",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240610",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240609",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240611",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-7437248-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240502",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240606",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240611",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240606",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240611",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Exploit.CVE-2010-3081.1"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240611",
+    "engine_version": "29374",
+    "method": "blacklist",
+    "result": "Linux/Exploit.Agent.AY"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20240531",
+    "engine_version": "4.0.149",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240611",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240611",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Exploit.EXP/CVE-2010-3081.B"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240611",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "Fortinet": {
+    "category": "undetected",
+    "engine_name": "Fortinet",
+    "engine_update": "20240611",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240611",
+    "engine_version": "A:25.38247B:27.36321",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240611",
+    "engine_version": "1718100027",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240611",
+    "engine_version": "1.0.179.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240611",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Exploit.MS04.CVE-2004-0210-2010-3081.B"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240610",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Exploit.Linux.ahn"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240611",
+    "engine_version": "12.166.52252",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240611",
+    "engine_version": "12.166.52250",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240611",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Exploit.Linux.Agent.a"
+  },
+  "Kingsoft": {
+    "category": "undetected",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240611",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Hacktool.Linux.Agent.3!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240611",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=96)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240611",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240611",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240610",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240611",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240611",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240611",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Exploit:Linux/CVE-2010-3081.A!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240611",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": "Exploit.Elf32.CVE20103081.dxkfls"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240611",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240610",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240611",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Exploit.Agent!8.1B (TFE:14:90c1BLtlaUT)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240611",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20240611",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Suspicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240610",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Artemis!Trojan"
+  },
+  "Sophos": {
+    "category": "undetected",
+    "engine_name": "Sophos",
+    "engine_update": "20240611",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240611",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240611",
+    "engine_version": "2024-06-11.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240611",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Exploit.Agent.Qgil"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240611",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "ELF_EXPLOYT.LL"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240611",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "ELF_EXPLOYT.LL"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240611",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240611",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240611",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Linux.CornelGEN.1714"
+  },
+  "Varist": {
+    "category": "undetected",
+    "engine_name": "Varist",
+    "engine_update": "20240611",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240611",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240610",
+    "engine_version": "9.5.720",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240611",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20240611",
+    "engine_version": "36779",
+    "method": "blacklist",
+    "result": "Malware@#57nwy1j6aalm"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240611",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20240610",
+    "engine_version": "2.0.0.5130",
+    "method": "blacklist",
+    "result": "Exploit.Agent.Linux.4"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240611",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Exploit.Linux.Agent.a"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240611",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240513",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Exp:Linux/CVE.2010.3081"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240611",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6/README.md
+++ b/linux/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6/README.md
@ -0,0 +1,66 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>3b580fa241f0f73f885ad9b364bef5e7</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>08534ff1a88547dd76c1948257ab7c78c2b7ab7e</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>732b628b52e25eafc4f59b7372b8c9a258366b97d50385e64231a6616a61465581213ee02e9c3ac6284022e589e110dd3e3c16d9dd0572e64430bd9d5acb6477</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6
+
+## Detection Names
+
+Backdoor.Linux.Ganiw.H  
+Backdoor.Linux.Ganiw.H (B)  
+Backdoor/Linux.ii  
+Backdoor:Linux/Setag.A  
+Backdoor.Setag/Linux!1.A3E5 (CLASSIC)  
+Backdoor.Win32.S.Agent.1135000.U  
+Detected  
+Downloader.OpenConnection.JS.100251  
+E32/Setag.B  
+ELF:Elknot-AE [Trj]  
+ELF/Setag.B!tr  
+ELF_SETAG.SM  
+EXP/ELF.Backdoor.Setag.cc.e  
+Exploit.EXP/ELF.Backdoor.Setag.cc.e  
+HEUR:Backdoor.Linux.Ganiw.d  
+Legacy.Trojan.Agent-1388639  
+Linux/Agent.A  
+Linux/Backdoor.1135000  
+Linux.BackDoor.Gates.9  
+Linux.BackDoor.Gates.G  
+Linux.Chikdos.B!gen2  
+Linux/DDoS-BD  
+Linux/Setag.B.Gen  
+Linux.Trojan.Ganiw  
+Linux.Trojan.Siggen.D  
+Malicious (score: 99)  
+Malware@#2hph1ko0peawr  
+malware (ai score=100)  
+Static AI - Malicious ELF  
+Trojan.Elf32.Ganiw.dirahp  
+Trojan.Linux.Agent  
+Trojan.Linux.Elknot.atAE  
+Trojan.Linux.Ganiw.a  
+Trojan.Malware.121218.susgen  
+Trojan/Win32.PowerGhost.a  
+
--- a/linux/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6/virustotal.json
+++ b/linux/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6/virustotal.json
@ -0,0 +1,602 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20230520",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20230519",
+    "engine_version": "6.413",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20230520",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AE [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230219",
+    "engine_version": "1.2.0.114",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ad-Aware": {
+    "category": "malicious",
+    "engine_name": "Ad-Aware",
+    "engine_update": "20230329",
+    "engine_version": "3.0.22.204",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20230520",
+    "engine_version": "3.23.3.10396",
+    "method": "blacklist",
+    "result": "Linux/Backdoor.1135000"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20230520",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan/Win32.PowerGhost.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20230520",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20230520",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AE [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20230520",
+    "engine_version": "230520-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20230520",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "EXP/ELF.Backdoor.Setag.cc.e"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20230520",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20230511",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20230503",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20230519",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20230519",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20230520",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20230520",
+    "engine_version": "1.1.0.0",
+    "method": "blacklist",
+    "result": "Legacy.Trojan.Agent-1388639"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20220812",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "type-unsupported",
+    "engine_name": "Cybereason",
+    "engine_update": "20210330",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20230426",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20230520",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "malicious",
+    "engine_name": "Cyren",
+    "engine_update": "20230520",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Setag.B"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20230516",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20230520",
+    "engine_version": "7.0.59.12300",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.9"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20230520",
+    "engine_version": "27268",
+    "method": "blacklist",
+    "result": "Linux/Setag.B.Gen"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20230517",
+    "engine_version": "4.0.89",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Ganiw"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20230520",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20230520",
+    "engine_version": "18.10.1137.128",
+    "method": "blacklist",
+    "result": "Exploit.EXP/ELF.Backdoor.Setag.cc.e"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20230520",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20230520",
+    "engine_version": "6.4.258.0",
+    "method": "blacklist",
+    "result": "ELF/Setag.B!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20230520",
+    "engine_version": "A:25.35859B:27.31635",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Siggen.D"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20230520",
+    "engine_version": "1684569637",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20230520",
+    "engine_version": "1.0.118.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20230520",
+    "engine_version": "6.1.14.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Agent"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20230519",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor/Linux.ii"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20230520",
+    "engine_version": "12.87.48312",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20230520",
+    "engine_version": "12.87.48312",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20230520",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Ganiw.d"
+  },
+  "Lionic": {
+    "category": "undetected",
+    "engine_name": "Lionic",
+    "engine_update": "20230520",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20230520",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20230520",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "malicious",
+    "engine_name": "MaxSecure",
+    "engine_update": "20230519",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Malware.121218.susgen"
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20230520",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "Linux/Agent.A"
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20230520",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Linux/Agent.A"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20230520",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20230520",
+    "engine_version": "1.1.20300.3",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/Setag.A"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20230520",
+    "engine_version": "1.0.146.25757",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Ganiw.dirahp"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20230520",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20230520",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20230520",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Setag/Linux!1.A3E5 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20230514",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20230512",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Elknot.atAE"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20230404",
+    "engine_version": "23.2.0.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20230520",
+    "engine_version": "2.1.2.0",
+    "method": "blacklist",
+    "result": "Linux/DDoS-BD"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20230519",
+    "engine_version": "1.20.0.0",
+    "method": "blacklist",
+    "result": "Linux.Chikdos.B!gen2"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20230520",
+    "engine_version": "2023-05-20.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20230520",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ganiw.a"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20230412",
+    "engine_version": "4.0.14.446",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20230520",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "ELF_SETAG.SM"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20230520",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "ELF_SETAG.SM"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20230520",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20230519",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20230519",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "ViRobot": {
+    "category": "malicious",
+    "engine_name": "ViRobot",
+    "engine_update": "20230519",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": "Backdoor.Win32.S.Agent.1135000.U"
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20230519",
+    "engine_version": "9.5.452",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.G"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20230520",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20230520",
+    "engine_version": "35657",
+    "method": "blacklist",
+    "result": "Malware@#2hph1ko0peawr"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20230520",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20230519",
+    "engine_version": "2.0.0.4877",
+    "method": "blacklist",
+    "result": "Downloader.OpenConnection.JS.100251"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20230520",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20230520",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/README.md
+++ b/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/README.md
@ -0,0 +1,66 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">ransomware.hive/filecoderhive</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>171d2a50c6d7e69281d1c3ef98d510f2</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>322db4ca435004a127acd4171cc52be9edaf5338</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>2226d1a5e9c8a2920fa8d327b53e10f135e9b30c8c3d1e7fbb3a59a51df782f106f41f60ad8140a1de4a81ef6b230418126ffb24bd75eab3c3a298ada2f58913</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771
+
+## Detection Names
+
+Detected  
+E64/DCFilcdr.JVGT-  
+ELF:Filecoder-CT [Trj]  
+ELF/TrojanGen.A  
+HEUR:Trojan-Ransom.Linux.Hive.b  
+Linux.Encoder.119  
+LINUX/Filecoder.gijrz  
+Linux/Filecoder_Hive.A!tr  
+Linux/Filecoder.Hive.D  
+Linux.Ransomware.Hive  
+Linux.Trojan-Ransom.Hive.Jqil  
+Linux.Troj.Generic.v  
+Mal/Generic-S  
+Malicious (score: 99)  
+malware (ai score=90)  
+Malware.LINUX/Filecoder.gijrz  
+Ransom-Hive!171D2A50C6D7  
+Ransom.Hive!8.12EEE (CLOUD)  
+Ransom:Linux/Filecoder!MTB  
+Ransom.U.Hive.bot  
+RansomWare  
+Ransomware/Linux.Hive.2367488  
+Trojan.Elf64.Ransom.jyhqzy  
+Trojan.Filecoder.Linux.78  
+Trojan Horse  
+Trojan.Linux.btf  
+Trojan.Linux.FILECODERHIVE.USELVL521  
+Trojan.Linux.Hive.j!c  
+Trojan.Linux.Ransom.224225  
+Trojan.Linux.Ransom.224225 (B)  
+Trojan.Linux.Ransom.D36BE1  
+Trojan-Ransom.Hive  
+Trojan.Ransom.Linux.Gen  
+Trojan[Ransom]/Linux.Hive.d  
+Unix.Ransomware.Deadbolt-9959009-0  
+
--- a/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/virustotal.json
+++ b/linux/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240616",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Ransom.Linux.Gen"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240616",
+    "engine_version": "6.543",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240616",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Filecoder-CT [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240616",
+    "engine_version": "3.25.1.10473",
+    "method": "blacklist",
+    "result": "Ransomware/Linux.Hive.2367488"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240616",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Ransom]/Linux.Hive.d"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240616",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.D36BE1"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240616",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Filecoder-CT [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240616",
+    "engine_version": "240616-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240616",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "LINUX/Filecoder.gijrz"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240616",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240529",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240616",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240615",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240616",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240616",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Ransomware.Deadbolt-9959009-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20230417",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20180308",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240612",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240616",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240606",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240616",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Encoder.119"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240616",
+    "engine_version": "29403",
+    "method": "blacklist",
+    "result": "Linux/Filecoder.Hive.D"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240613",
+    "engine_version": "4.0.151",
+    "method": "blacklist",
+    "result": "Linux.Ransomware.Hive"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240616",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240616",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Filecoder.gijrz"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240616",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240616",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux/Filecoder_Hive.A!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240616",
+    "engine_version": "A:25.38291B:27.36384",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240616",
+    "engine_version": "1718546438",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "malicious",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240616",
+    "engine_version": "1.0.179.174",
+    "method": "blacklist",
+    "result": "Ransom.U.Hive.bot"
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240616",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan-Ransom.Hive"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240615",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Trojan.Linux.btf"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240616",
+    "engine_version": "12.168.52308",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240616",
+    "engine_version": "12.168.52309",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240616",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Ransom.Linux.Hive.b"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Troj.Generic.v"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240616",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Hive.j!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240616",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=90)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240616",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240614",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240616",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240616",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240616",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240616",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Ransom:Linux/Filecoder!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240616",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": "Trojan.Elf64.Ransom.jyhqzy"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240616",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "malicious",
+    "engine_name": "Panda",
+    "engine_update": "20240616",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": "ELF/TrojanGen.A"
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240616",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Ransom.Hive!8.12EEE (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240615",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20240614",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "undetected",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240615",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Ransom-Hive!171D2A50C6D7"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240616",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Mal/Generic-S"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240616",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan Horse"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240616",
+    "engine_version": "2024-06-16.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240616",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Trojan-Ransom.Hive.Jqil"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240616",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "Trojan.Linux.FILECODERHIVE.USELVL521"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240616",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "Trojan.Linux.FILECODERHIVE.USELVL521"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240616",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240614",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240616",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ransom.224225"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240616",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E64/DCFilcdr.JVGT-"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240616",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240614",
+    "engine_version": "9.5.724",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240616",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240616",
+    "engine_version": "36795",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240615",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20240615",
+    "engine_version": "2.0.0.5134",
+    "method": "blacklist",
+    "result": "Trojan.Filecoder.Linux.78"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240616",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Ransom.Linux.Hive.b"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240616",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240614",
+    "engine_version": "2.1.3",
+    "method": "blacklist",
+    "result": "RansomWare"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240616",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md
+++ b/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md
@ -0,0 +1,58 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.revil/sodinokibi</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>73041d7b9a93d3cda76e2a052ac02e82</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>f995852f291e2c946e15d20d020bb8e8defd317f</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>6f430874949362bf2d9d29153c0f9d0e5c53ea7bf69a44cf14c2627981d87ff0ad45fb12c26223dc33ceebf57b6113db37e347b2b4b2fa7ac037a63edc209371</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7
+
+## Detection Names
+
+a variant of Linux/Filecoder.Sodinokibi.A  
+Detected  
+E64/ABRansom.YAVB-  
+ELF:Filecoder-BN [Trj]  
+Gen:Variant.Trojan.Linux.Revil.1  
+Gen:Variant.Trojan.Linux.Revil.1 (B)  
+HEUR:Trojan-Ransom.Linux.Agent.z  
+Linux.Encoder.92  
+Linux/Ransm-K  
+Linux.RansomSodinokibi  
+Linux.Ransomware.Sodinokibi  
+LINUX/Sodinokibi.a  
+LINUX/Sodinokibi.G  
+Linux.Trojan-Ransom.Agent.Pqil  
+Malicious (score: 99)  
+malware (ai score=84)  
+Malware.LINUX/Sodinokibi.G  
+Ransom:Linux/MoneyMessage.K!MTB  
+Ransom.Linux.SODINOKIBI.SMYXCFL  
+Ransom.Sodinokibi/Linux!1.D7B7 (CLASSIC)  
+Ransomware:Linux/Revil.3e7c0b8a  
+Static AI - Suspicious ELF  
+Trojan.Generic.gyagl  
+Trojan-Ransom.Elf.REvil  
+Trojan[Ransom]/Linux.Sodin.gen  
+Trojan.Trojan.Linux.Revil.1  
+Unix.Ransomware.REvil-9876132-0  
+
--- a/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/virustotal.json
+++ b/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240701",
+    "engine_version": "6.548",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240701",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Filecoder-BN [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240701",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240701",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Ransom]/Linux.Sodin.gen"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240701",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Trojan.Linux.Revil.1"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240701",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Filecoder-BN [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240701",
+    "engine_version": "240701-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240701",
+    "engine_version": "8.3.3.20",
+    "method": "blacklist",
+    "result": "LINUX/Sodinokibi.G"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240701",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240630",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240629",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240701",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Ransomware.REvil-9876132-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "failure",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240701",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240701",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Encoder.92"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240701",
+    "engine_version": "29483",
+    "method": "blacklist",
+    "result": "a variant of Linux/Filecoder.Sodinokibi.A"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240701",
+    "engine_version": "4.0.156",
+    "method": "blacklist",
+    "result": "Linux.Ransomware.Sodinokibi"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240701",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240701",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Sodinokibi.G"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240701",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "Fortinet": {
+    "category": "undetected",
+    "engine_name": "Fortinet",
+    "engine_update": "20240701",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240701",
+    "engine_version": "A:25.38388B:27.36563",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240701",
+    "engine_version": "1719833454",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240701",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240701",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan-Ransom.Elf.REvil"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240701",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Trojan.Generic.gyagl"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240701",
+    "engine_version": "12.170.52458",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240701",
+    "engine_version": "12.171.52461",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240701",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Ransom.Linux.Agent.z"
+  },
+  "Kingsoft": {
+    "category": "undetected",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "Lionic": {
+    "category": "undetected",
+    "engine_name": "Lionic",
+    "engine_update": "20240701",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": null
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240701",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=84)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240701",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240701",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240701",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240701",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240701",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240701",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Ransom:Linux/MoneyMessage.K!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240701",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240701",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240701",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240701",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Ransom.Sodinokibi/Linux!1.D7B7 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240701",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20240627",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Suspicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240630",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "LINUX/Sodinokibi.a"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240701",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Linux/Ransm-K"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240630",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Linux.RansomSodinokibi"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240701",
+    "engine_version": "2024-07-01.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240701",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Trojan-Ransom.Agent.Pqil"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240701",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "Ransom.Linux.SODINOKIBI.SMYXCFL"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240701",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240701",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240701",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240630",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Gen:Variant.Trojan.Linux.Revil.1"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240701",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E64/ABRansom.YAVB-"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240701",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240701",
+    "engine_version": "9.5.735",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240701",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240701",
+    "engine_version": "36837",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240701",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.5144",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240701",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Ransom.Linux.Agent.z"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240701",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Ransomware:Linux/Revil.3e7c0b8a"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240701",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05/README.md
+++ b/linux/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05/README.md
@ -0,0 +1,56 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.expl/genericrxtd</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>85ed1956d405087848be7cbeded6c7e2</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>e47fa415628cccca044e4f65f125be9a0b8d4ccf</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>80c13bee730b1581d83eaef054e4f002a25a8f41ba848237f3b933a2f3530d4086833eef4a61ca41c54b01d8b10d2c0365081ef18175db5fd8acb2cf67c86130</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05
+
+## Detection Names
+
+Backdoor[shellcode]:Linux/fackexp.A  
+Detected  
+E64/Agent.OF  
+ELF:Agent-BIN [Expl]  
+ELF/TrojanGen.A  
+EXP/AVI.Agent.ocayj  
+Exploit.Agent  
+Exploit.Agent/Linux!1.FD49 (CLASSIC)  
+Exploit.EXP/AVI.Agent.ocayj  
+GenericRXTD-TM!85ED1956D405  
+HEUR:Trojan-Dropper.Linux.Agent.l  
+Linux/Exploit.Agent.GU  
+Linux.MulDrop.85  
+Linux.Trojan-Dropper.Agent.l  
+Linux.Trojan-Dropper.Agent.Tnkl  
+Malicious (score: 99)  
+TrojanDropper.Linux.ed  
+Trojan[Exploit]/Linux.Agent.gen  
+Trojan.Generic.36318000  
+Trojan.Generic.36318000 (B)  
+Trojan.Generic.D22A2B30  
+Trojan.Gen.NPE  
+Trojan.Linux.Agent.b!c  
+Trojan:Linux/Multiverze  
+TROJ_GEN.R002C0DFD24  
+
--- a/linux/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05/virustotal.json
+++ b/linux/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240623",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240622",
+    "engine_version": "6.545",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240623",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-BIN [Expl]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240623",
+    "engine_version": "3.25.1.10473",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240623",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Exploit]/Linux.Agent.gen"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240623",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Generic.D22A2B30"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240623",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-BIN [Expl]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240623",
+    "engine_version": "240623-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240623",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "EXP/AVI.Agent.ocayj"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240623",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240623",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240622",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240622",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "undetected",
+    "engine_name": "ClamAV",
+    "engine_update": "20240623",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240620",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240623",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240606",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240623",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.MulDrop.85"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240623",
+    "engine_version": "29440",
+    "method": "blacklist",
+    "result": "Linux/Exploit.Agent.GU"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20240621",
+    "engine_version": "4.0.152",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240623",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240623",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Exploit.EXP/AVI.Agent.ocayj"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240623",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "Fortinet": {
+    "category": "undetected",
+    "engine_name": "Fortinet",
+    "engine_update": "20240623",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240623",
+    "engine_version": "A:25.38337B:27.36466",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240623",
+    "engine_version": "1719138681",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240623",
+    "engine_version": "1.0.179.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240623",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Exploit.Agent"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240622",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "TrojanDropper.Linux.ed"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240623",
+    "engine_version": "12.169.52380",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240623",
+    "engine_version": "12.169.52380",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240623",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Dropper.Linux.Agent.l"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Trojan-Dropper.Agent.l"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240623",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Agent.b!c"
+  },
+  "MAX": {
+    "category": "undetected",
+    "engine_name": "MAX",
+    "engine_update": "20240623",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240623",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240621",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20240622",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "GenericRXTD-TM!85ED1956D405"
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240623",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240623",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240623",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Trojan:Linux/Multiverze"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240623",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240623",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "malicious",
+    "engine_name": "Panda",
+    "engine_update": "20240623",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": "ELF/TrojanGen.A"
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240623",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Exploit.Agent/Linux!1.FD49 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240622",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20240621",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "undetected",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240622",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "GenericRXTD-TM!85ED1956D405"
+  },
+  "Sophos": {
+    "category": "undetected",
+    "engine_name": "Sophos",
+    "engine_update": "20240623",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240622",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240623",
+    "engine_version": "2024-06-23.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240623",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Trojan-Dropper.Agent.Tnkl"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "timeout",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240623",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240623",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002C0DFD24"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240623",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240621",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240623",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36318000"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240623",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E64/Agent.OF"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240622",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240621",
+    "engine_version": "9.5.729",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240623",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240623",
+    "engine_version": "36815",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240623",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240621",
+    "engine_version": "2.0.0.5138",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240623",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Trojan-Dropper.Linux.Agent.l"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240623",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Backdoor[shellcode]:Linux/fackexp.A"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240623",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b/README.md
+++ b/linux/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b/README.md
@ -0,0 +1,68 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.gafgyt/mirai</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>8022d0f0f16843e1c5270a7116e478e4</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>fdc75f9bce2f041f6573ccc72979a540960ff269</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>e0e7ef64719065c38d0a7658f62c0dcb81e67ed8447118250ae5834204cc9e421a1d747dfabdfb995fc61f0c4e97dd74f5ce4e149664a6ebcab5f6b2d8d5017a</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b
+
+## Detection Names
+
+a variant of Linux/Gafgyt.WN  
+Backdoor.Linux.BASHLITE.SMJC11  
+Backdoor:Linux/DemonBot.Aa!MTB  
+Backdoor.Linux.ivck  
+Backdoor.Mirai/Linux!1.F3F6 (CLASSIC)  
+DDOS:Linux/Gafgyt  
+Detected  
+E32/Gafgyt.AU.gen!Camelot  
+ELF:Agent-AYQ [Trj]  
+ELF:Gafgyt-KS [Trj]  
+elf.Mirai.2002004  
+ELF/Mirai.ASW!tr  
+Elf.trojan.A12367304  
+Gen:NN.Mirai.36808  
+HEUR:Backdoor.Linux.Gafgyt.dd  
+Linux/DDoS-BI  
+Linux/Gafgyt.Gen28  
+Linux.Lightaidra!g1  
+LINUX/Mirai.Gafgyt.  
+Linux.Trojan.Gafgyt  
+Lnx/Gafgyt-FEEU!8022D0F0F168  
+Malicious (score: 99)  
+malware (ai score=100)  
+Malware.LINUX/Mirai.Gafgyt.  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan ( 0040f4a51 )  
+Trojan.Elf32.Gafgyt.koqfyn  
+Trojan.Generic.36456695  
+Trojan.Generic.36456695 (B)  
+Trojan.Generic.D22C48F7  
+Trojan.Linux.Gafgyt  
+Trojan.Linux.Gafgyt.cab  
+Trojan.Linux.Gafgyt.m!c  
+Trojan/Linux.Mirai.a  
+Trojan.Malware.121218.susgen  
+Unix.Trojan.Tsunami-6981155-0  
+
--- a/linux/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b/virustotal.json
+++ b/linux/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240702",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240701",
+    "engine_version": "6.548",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-AYQ [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240702",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": "Linux/Gafgyt.Gen28"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240702",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan/Linux.Mirai.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240702",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Generic.D22C48F7"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-AYQ [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "malicious",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240701",
+    "engine_version": "240701-00",
+    "method": "blacklist",
+    "result": "ELF:Gafgyt-KS [Trj]"
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240702",
+    "engine_version": "8.3.3.20",
+    "method": "blacklist",
+    "result": "LINUX/Mirai.Gafgyt."
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240702",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "malicious",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": "Gen:NN.Mirai.36808"
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "malicious",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240701",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": "Elf.trojan.A12367304"
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240702",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240701",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Trojan.Tsunami-6981155-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240702",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "undetected",
+    "engine_name": "DrWeb",
+    "engine_update": "20240702",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": null
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240701",
+    "engine_version": "29484",
+    "method": "blacklist",
+    "result": "a variant of Linux/Gafgyt.WN"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240701",
+    "engine_version": "4.0.156",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Gafgyt"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240702",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240702",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Mirai.Gafgyt."
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240702",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240702",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "ELF/Mirai.ASW!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240702",
+    "engine_version": "A:25.38393B:27.36571",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240702",
+    "engine_version": "1719898240",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240701",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Gafgyt"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240701",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.ivck"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "malicious",
+    "engine_name": "K7GW",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": "Trojan ( 0040f4a51 )"
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240702",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Gafgyt.dd"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "elf.Mirai.2002004"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240702",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Gafgyt.m!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240702",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240702",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "malicious",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Malware.121218.susgen"
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20240701",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "Lnx/Gafgyt-FEEU!8022D0F0F168"
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240702",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240702",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/DemonBot.Aa!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240702",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Gafgyt.koqfyn"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240702",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240701",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240702",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai/Linux!1.F3F6 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240702",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240702",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240701",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Lnx/Gafgyt-FEEU!8022D0F0F168"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240702",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Linux/DDoS-BI"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240702",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Linux.Lightaidra!g1"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240702",
+    "engine_version": "2024-07-02.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Gafgyt.cab"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240702",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.BASHLITE.SMJC11"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240702",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.BASHLITE.SMJC11"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240701",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240701",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Generic.36456695"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240702",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Gafgyt.AU.gen!Camelot"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240702",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240701",
+    "engine_version": "9.5.735",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240702",
+    "engine_version": "36840",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240701",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.5144",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Gafgyt.dd"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240702",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "DDOS:Linux/Gafgyt"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240702",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5/README.md
+++ b/linux/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5/README.md
@ -0,0 +1,60 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>620159aa1a28e52afed78cbf1deaca78</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>23b8a650e38ed2af0eee9792e0e705c1851ac0da</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>ca285004e4e1ab0ad62659a5bda68023c4042e76d8543d34e4eec005e188ad7602d02acc0c9611d1952f20c8986b67706e66551569e8f8d5efb04c737d522569</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5
+
+## Detection Names
+
+Artemis!Trojan  
+a variant of Linux/Exploit.Ptrace.F  
+Detected  
+ELF:Local-AN [Expl]  
+EXP/Linux.Loc.G  
+Exploit.Elf32.Ptrace.gmrsfc  
+Exploit.EXP/Linux.Loc.G  
+Exploit.Linux.dc  
+Exploit.Linux.Local.g  
+Exploit:Linux/Local.G  
+Exploit.Linux.Local.V7mc  
+Exploit.Local.Linux.10  
+Exploit.Ptrace  
+Generic.Win32.620159aa1a!MD  
+Hack.Exploit.Local.b (CLASSIC)  
+Hacktool.Linux.Local.3!c  
+Hacktool.Rootkit  
+Linux.Exploit.Local.Gplw  
+Linux/Local.G!exploit  
+Malicious (score: 99)  
+Malware@#3v0p2sqqn68wd  
+malware (ai score=100)  
+Static AI - Malicious ELF  
+Trojan[Exploit]/Linux.Local.g  
+Trojan.Exploit.Linux.Local.G  
+Trojan.Exploit.Linux.Local.G (B)  
+Troj/ExpPtr-Gen  
+TROJ_Generic  
+Unix.Malware.Agent-7437260-0  
+
--- a/linux/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5/virustotal.json
+++ b/linux/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5/virustotal.json
@ -0,0 +1,594 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20230426",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20230416",
+    "engine_version": "6.408",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Local-AN [Expl]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230219",
+    "engine_version": "1.2.0.114",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20230426",
+    "engine_version": "3.23.2.10388",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20230426",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Exploit]/Linux.Local.g"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20230425",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20230426",
+    "engine_version": "22.11.7701.0",
+    "method": "blacklist",
+    "result": "ELF:Local-AN [Expl]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20230425",
+    "engine_version": "230425-02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20230425",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "EXP/Linux.Loc.G"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20230426",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20230419",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20230418",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20230425",
+    "engine_version": "1.3.0.9899",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20230425",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "malicious",
+    "engine_name": "CMC",
+    "engine_update": "20230425",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": "Generic.Win32.620159aa1a!MD"
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20230425",
+    "engine_version": "1.0.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-7437260-0"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20220812",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20230419",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20230425",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "undetected",
+    "engine_name": "Cyren",
+    "engine_update": "20230426",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20230420",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20230426",
+    "engine_version": "7.0.59.12300",
+    "method": "blacklist",
+    "result": "Exploit.Ptrace"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20230425",
+    "engine_version": "27131",
+    "method": "blacklist",
+    "result": "a variant of Linux/Exploit.Ptrace.F"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20230413",
+    "engine_version": "4.0.85",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20230426",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20230425",
+    "engine_version": "18.10.1137.128",
+    "method": "blacklist",
+    "result": "Exploit.EXP/Linux.Loc.G"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20230426",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20230426",
+    "engine_version": "6.4.258.0",
+    "method": "blacklist",
+    "result": "Linux/Local.G!exploit"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20230426",
+    "engine_version": "A:25.35717B:27.31465",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20230426",
+    "engine_version": "1682474435",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20230426",
+    "engine_version": "1.0.114.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20230425",
+    "engine_version": "6.1.14.0",
+    "method": "blacklist",
+    "result": "Exploit.Ptrace"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20230425",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Exploit.Linux.dc"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20230425",
+    "engine_version": "12.82.47921",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20230425",
+    "engine_version": "12.82.47922",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20230426",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "Exploit.Linux.Local.g"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20230426",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Hacktool.Linux.Local.3!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20230426",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20230425",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20230424",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20230426",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20230425",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Artemis!Trojan"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20230426",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20230425",
+    "engine_version": "1.1.20200.4",
+    "method": "blacklist",
+    "result": "Exploit:Linux/Local.G"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20230425",
+    "engine_version": "1.0.146.25757",
+    "method": "blacklist",
+    "result": "Exploit.Elf32.Ptrace.gmrsfc"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20230426",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20230425",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20230425",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Hack.Exploit.Local.b (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20230423",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20230421",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Exploit.Linux.Local.V7mc"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20230404",
+    "engine_version": "23.2.0.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20230426",
+    "engine_version": "2.1.2.0",
+    "method": "blacklist",
+    "result": "Troj/ExpPtr-Gen"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20230425",
+    "engine_version": "1.20.0.0",
+    "method": "blacklist",
+    "result": "Hacktool.Rootkit"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20230426",
+    "engine_version": "2023-04-26.01",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Exploit.Local.Gplw"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20230412",
+    "engine_version": "4.0.14.446",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20230425",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "TROJ_Generic"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20230426",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "TROJ_Generic"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20230426",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20230421",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20230425",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Exploit.Linux.Local.G"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20230425",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20230424",
+    "engine_version": "9.5.435",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20230426",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20230425",
+    "engine_version": "35588",
+    "method": "blacklist",
+    "result": "Malware@#3v0p2sqqn68wd"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20230425",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20230424",
+    "engine_version": "2.0.0.4859",
+    "method": "blacklist",
+    "result": "Exploit.Local.Linux.10"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20230425",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "Exploit.Linux.Local.g"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20230425",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20230426",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79/README.md
+++ b/linux/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79/README.md
@ -0,0 +1,59 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>7eea3513ae50fe2e1d88c91936831b4e</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>46ac7dcf5566ca4a6eadfdead34ea290ab23fc29</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>90d23fc3bab46009b0c57119b28764aef6a20fe591597c292878be2d08b8bf93ef309319a141c1c40131cc797211ae1fa40c77c9e67ca644693f771f99abe815</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79
+
+## Detection Names
+
+a variant of Linux/Mirai.A  
+Backdoor.Linux.cvfs  
+Backdoor.Linux.Mirai.wam  
+Backdoor.Mirai/Linux!1.BBED (CLOUD)  
+Backdoor.Mirai.Linux.64830  
+Detected  
+E32/DCMirai.HBVP-4  
+ELF/Mirai.AT!tr  
+ELF:Mirai-GH [Trj]  
+GenericRXRF-AW!7EEA3513AE50  
+HEUR:Backdoor.Linux.Mirai.b  
+Linux.Mirai  
+Linux.Mirai.BUK  
+LINUX/Mirai.vjxwx  
+Linux.Siggen.9999  
+Mal/Generic-S  
+Malicious (score: 99)  
+Malware@#1v8msmkw4mn1l  
+malware (ai score=94)  
+Malware.LINUX/Mirai.vjxwx  
+Suspicious.Linux.Save.a  
+Trojan:JS/CoinHive  
+Trojan.Linux.Generic.64383  
+Trojan.Linux.Generic.64383 (B)  
+Trojan.Linux.Generic.DFB7F  
+Trojan.Linux.Mirai  
+Trojan.Linux.Mirai.K!c  
+Unix.Malware.Agent-6974494-0  
+
--- a/linux/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79/virustotal.json
+++ b/linux/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79/virustotal.json
@ -0,0 +1,610 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20231119",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20231113",
+    "engine_version": "6.475",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20231119",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Mirai-GH [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230828",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20231119",
+    "engine_version": "3.24.0.10447",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "undetected",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20231119",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20231119",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.DFB7F"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20231119",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Mirai-GH [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "malicious",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20231119",
+    "engine_version": "231119-00",
+    "method": "blacklist",
+    "result": "ELF:Mirai-GH [Trj]"
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20231119",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "LINUX/Mirai.vjxwx"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20231119",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20230921",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20231023",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20231119",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20231118",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20230822",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20231118",
+    "engine_version": "1.2.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Agent-6974494-0"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20220812",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "type-unsupported",
+    "engine_name": "Cybereason",
+    "engine_update": "20231102",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20231108",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20231119",
+    "engine_version": "4.0.0.28",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20231116",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20231119",
+    "engine_version": "7.0.61.8090",
+    "method": "blacklist",
+    "result": "Linux.Siggen.9999"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20231118",
+    "engine_version": "28261",
+    "method": "blacklist",
+    "result": "a variant of Linux/Mirai.A"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20231106",
+    "engine_version": "4.0.116",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20231119",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20231119",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Mirai.vjxwx"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20231119",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20231119",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "ELF/Mirai.AT!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20231119",
+    "engine_version": "A:25.36837B:27.33912",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20231119",
+    "engine_version": "1700382630",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20231119",
+    "engine_version": "1.0.147.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20231118",
+    "engine_version": "6.2.4.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20231118",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.cvfs"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20231119",
+    "engine_version": "12.126.50249",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20231119",
+    "engine_version": "12.126.50249",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20231119",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Kingsoft": {
+    "category": "undetected",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": null
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20231119",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai.K!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20231119",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=94)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20231119",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20231118",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20231119",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "GenericRXRF-AW!7EEA3513AE50"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20231119",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20231119",
+    "engine_version": "1.1.23100.2009",
+    "method": "blacklist",
+    "result": "Trojan:JS/CoinHive"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20231119",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20231119",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20231119",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20231119",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai/Linux!1.BBED (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20231118",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20231026",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "type-unsupported",
+    "engine_name": "SentinelOne",
+    "engine_update": "20231119",
+    "engine_version": "23.4.2.3",
+    "method": "blacklist",
+    "result": null
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20231118",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "GenericRXRF-AW!7EEA3513AE50"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20231118",
+    "engine_version": "2.1.2.0",
+    "method": "blacklist",
+    "result": "Mal/Generic-S"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20231118",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Linux.Mirai"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20231119",
+    "engine_version": "2023-11-19.01",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20231119",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Mirai.wam"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20231106",
+    "engine_version": "4.0.14.97",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "undetected",
+    "engine_name": "TrendMicro",
+    "engine_update": "20231119",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20231119",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20231119",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20231117",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20231116",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.64383"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20231119",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/DCMirai.HBVP-4"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20231118",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20231117",
+    "engine_version": "9.5.581",
+    "method": "blacklist",
+    "result": "Linux.Mirai.BUK"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20231119",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20231118",
+    "engine_version": "36188",
+    "method": "blacklist",
+    "result": "Malware@#1v8msmkw4mn1l"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20231119",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20231117",
+    "engine_version": "2.0.0.4997",
+    "method": "blacklist",
+    "result": "Backdoor.Mirai.Linux.64830"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20231119",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Mirai.b"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20231119",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20231119",
+    "engine_version": "v0.1.4-109-g76614fd",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87/README.md
+++ b/linux/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87/README.md
@ -0,0 +1,48 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>818f3611e82adae2f5577cc2beda13c2</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>c9dc95d735fb4f3af183b3118e44d337c3f4b1ba</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>d18e3a7a7af77243f764e06180ebb3cc19c263fd65073ab238dbbd8c0da0d658c3e2863ef3c8e92a0a692c5eb61ed7280b5810375e2b945ecd3e3522481be91d</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87
+
+## Detection Names
+
+Backdoor.Linux.ayjk  
+Backdoor.Linux.Mirai  
+Backdoor:Linux/Mirai.YA!MTB  
+ELF/Agent.MKVM!tr  
+GenericRXJQ-YA!818F3611E82A  
+Linux/Hajime.18048  
+Linux.Mirai.4338  
+LINUX/Mirai.mznjr  
+Malicious (score: 99)  
+malware (ai score=99)  
+Trojan.ElfArm32.Mirai.hwjamu  
+Trojan.Generic.D207A4DB  
+Trojan.GenericKD.34055387  
+Trojan.GenericKD.34055387 (B)  
+Trojan.Gen.NPE  
+Trojan.Linux.Generic.4!c  
+Trojan.Mirai.Linux.77146  
+
--- a/linux/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87/virustotal.json
+++ b/linux/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87/virustotal.json
@ -0,0 +1,594 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20210503",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20210501",
+    "engine_version": "6.159",
+    "method": "blacklist",
+    "result": null
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20210211",
+    "engine_version": "1.1.1.81",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ad-Aware": {
+    "category": "malicious",
+    "engine_name": "Ad-Aware",
+    "engine_update": "20210503",
+    "engine_version": "3.0.21.179",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20210503",
+    "engine_version": "3.20.0.10177",
+    "method": "blacklist",
+    "result": "Linux/Hajime.18048"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "undetected",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20210503",
+    "engine_version": "3.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20210503",
+    "engine_version": "1.0.0.886",
+    "method": "blacklist",
+    "result": "Trojan.Generic.D207A4DB"
+  },
+  "Avast": {
+    "category": "undetected",
+    "engine_name": "Avast",
+    "engine_update": "20210503",
+    "engine_version": "21.1.5827.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20210503",
+    "engine_version": "210503-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20210503",
+    "engine_version": "8.3.3.12",
+    "method": "blacklist",
+    "result": "LINUX/Mirai.mznjr"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20210503",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20200916",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20210429",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20210429",
+    "engine_version": "1.3.0.9899",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20210503",
+    "engine_version": "14.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20210327",
+    "engine_version": "2.10.2019.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "undetected",
+    "engine_name": "ClamAV",
+    "engine_update": "20210503",
+    "engine_version": "0.103.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Comodo": {
+    "category": "undetected",
+    "engine_name": "Comodo",
+    "engine_update": "20210503",
+    "engine_version": "33494",
+    "method": "blacklist",
+    "result": null
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20210203",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "type-unsupported",
+    "engine_name": "Cybereason",
+    "engine_update": "20210330",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20210503",
+    "engine_version": "2.3.1.101",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20210503",
+    "engine_version": "4.0.0.27",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "Cyren": {
+    "category": "undetected",
+    "engine_name": "Cyren",
+    "engine_update": "20210503",
+    "engine_version": "6.3.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20210503",
+    "engine_version": "7.0.49.9080",
+    "method": "blacklist",
+    "result": "Linux.Mirai.4338"
+  },
+  "ESET-NOD32": {
+    "category": "undetected",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20210503",
+    "engine_version": "23233",
+    "method": "blacklist",
+    "result": null
+  },
+  "Elastic": {
+    "category": "type-unsupported",
+    "engine_name": "Elastic",
+    "engine_update": "20210420",
+    "engine_version": "4.0.21",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20210503",
+    "engine_version": "2018.12.0.1641",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387 (B)"
+  },
+  "F-Secure": {
+    "category": "undetected",
+    "engine_name": "F-Secure",
+    "engine_update": "20210331",
+    "engine_version": "12.0.86.52",
+    "method": "blacklist",
+    "result": null
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20210503",
+    "engine_version": "32.44.1.0",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20210503",
+    "engine_version": "6.2.142.0",
+    "method": "blacklist",
+    "result": "ELF/Agent.MKVM!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20210503",
+    "engine_version": "A:25.29514B:27.22873",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20210503",
+    "engine_version": "1.0.39.131",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20210503",
+    "engine_version": "0.1.5.2",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20210502",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.ayjk"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20210503",
+    "engine_version": "11.180.37061",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20210503",
+    "engine_version": "11.180.37062",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "undetected",
+    "engine_name": "Kaspersky",
+    "engine_update": "20210503",
+    "engine_version": "21.0.1.45",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kingsoft": {
+    "category": "undetected",
+    "engine_name": "Kingsoft",
+    "engine_update": "20210503",
+    "engine_version": "2017.9.26.565",
+    "method": "blacklist",
+    "result": null
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "AegisLab",
+    "engine_update": "20210503",
+    "engine_version": "4.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.4!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20210503",
+    "engine_version": "2019.9.16.1",
+    "method": "blacklist",
+    "result": "malware (ai score=99)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20210503",
+    "engine_version": "4.2.2.27",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20210430",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20210503",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "GenericRXJQ-YA!818F3611E82A"
+  },
+  "McAfee-GW-Edition": {
+    "category": "malicious",
+    "engine_name": "McAfee-GW-Edition",
+    "engine_update": "20210503",
+    "engine_version": "v2019.1.2+3728",
+    "method": "blacklist",
+    "result": "GenericRXJQ-YA!818F3611E82A"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20210503",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.GenericKD.34055387"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20210503",
+    "engine_version": "1.1.18100.5",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/Mirai.YA!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20210503",
+    "engine_version": "1.0.146.25279",
+    "method": "blacklist",
+    "result": "Trojan.ElfArm32.Mirai.hwjamu"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20210503",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20210503",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Qihoo-360": {
+    "category": "undetected",
+    "engine_name": "Qihoo-360",
+    "engine_update": "20210503",
+    "engine_version": "1.0.0.1120",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "undetected",
+    "engine_name": "Rising",
+    "engine_update": "20210503",
+    "engine_version": "25.0.0.26",
+    "method": "blacklist",
+    "result": null
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20210430",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20210416",
+    "engine_version": "2.9.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "type-unsupported",
+    "engine_name": "SentinelOne",
+    "engine_update": "20210215",
+    "engine_version": "5.0.0.20",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sophos": {
+    "category": "undetected",
+    "engine_name": "Sophos",
+    "engine_update": "20210503",
+    "engine_version": "1.0.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20210503",
+    "engine_version": "1.14.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20210126",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20210503",
+    "engine_version": "2021-05-03.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "undetected",
+    "engine_name": "Tencent",
+    "engine_update": "20210503",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20200727",
+    "engine_version": "3.5.0.1023",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "undetected",
+    "engine_name": "TrendMicro",
+    "engine_update": "20210330",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "undetected",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20210503",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": null
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20210503",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20210503",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "undetected",
+    "engine_name": "VIPRE",
+    "engine_update": "20210503",
+    "engine_version": "92280",
+    "method": "blacklist",
+    "result": null
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20210503",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20210503",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20210502",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20210503",
+    "engine_version": "2.0.0.4355",
+    "method": "blacklist",
+    "result": "Trojan.Mirai.Linux.77146"
+  },
+  "ZoneAlarm": {
+    "category": "undetected",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20210503",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20210502",
+    "engine_version": "0.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "eGambit": {
+    "category": "type-unsupported",
+    "engine_name": "eGambit",
+    "engine_update": "20210503",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161/README.md
+++ b/linux/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161/README.md
@ -0,0 +1,57 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.sliver/malgo</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>bc5420177b32242d5de286662258639d</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>91593d3f07b3c13790ecf98daaaae0cdac800f2f</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>0ad3c97a0ed49b8ccfaa2047ce90ce92ea2e6a4cfb3385e117cd759134ea09867c65d5b6bc81e47f94728daf07a93da8547bb37da47e877d624664dbd87f6f57</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161
+
+## Detection Names
+
+a variant of Linux/Packed.Obfuscated.B suspicious  
+Backdoor.Sliver!1.FCA0 (CLOUD)  
+Detected  
+E64/ABRisk.RBUI-4  
+ELF:Sliver-G [Trj]  
+HEUR:Trojan.Multi.MalGO.gen  
+LINUX/AVA.Sliver.vqxpa  
+Linux.Troj.Unknown.a  
+Mal/Generic-S  
+Malicious (score: 99)  
+malware (ai score=99)  
+Malware.LINUX/AVA.Sliver.vqxpa  
+Multi.Trojan.Sliver  
+Program:Linux/Multiverze  
+Riskware/Application  
+Static AI - Malicious ELF  
+Trojan.Gen.NPE  
+Trojan.Linux.Generic.361606  
+Trojan.Linux.Generic.361606 (B)  
+Trojan.Linux.Generic.D58486  
+Trojan/Linux.MalGO.gen  
+Trojan:Linux/MalGO.gyf  
+Trojan.Linux.Sliver.4!c  
+TROJ_GEN.R002H09FP24  
+Unix.Malware.Sliver-10012938-0  
+Win32.Trojan.Malgo.Ximw  
+
--- a/linux/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161/virustotal.json
+++ b/linux/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240702",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240701",
+    "engine_version": "6.548",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Sliver-G [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240702",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240702",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan/Linux.MalGO.gen"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240702",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.D58486"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240702",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Sliver-G [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240701",
+    "engine_version": "240701-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240702",
+    "engine_version": "8.3.3.20",
+    "method": "blacklist",
+    "result": "LINUX/AVA.Sliver.vqxpa"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240702",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240701",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240702",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240701",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Malware.Sliver-10012938-0"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20230417",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20180308",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240702",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "undetected",
+    "engine_name": "DrWeb",
+    "engine_update": "20240702",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": null
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240701",
+    "engine_version": "29484",
+    "method": "blacklist",
+    "result": "a variant of Linux/Packed.Obfuscated.B suspicious"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240701",
+    "engine_version": "4.0.156",
+    "method": "blacklist",
+    "result": "Multi.Trojan.Sliver"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240702",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240702",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/AVA.Sliver.vqxpa"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240702",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240702",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Riskware/Application"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240702",
+    "engine_version": "A:25.38393B:27.36571",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240702",
+    "engine_version": "1719898240",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "undetected",
+    "engine_name": "Ikarus",
+    "engine_update": "20240701",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Jiangmin": {
+    "category": "undetected",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240701",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240702",
+    "engine_version": "12.171.52466",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240702",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Trojan.Multi.MalGO.gen"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Troj.Unknown.a"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240701",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Sliver.4!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240702",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=99)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240702",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240701",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240702",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240702",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240702",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Program:Linux/Multiverze"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240702",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240702",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240701",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240702",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Sliver!1.FCA0 (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240702",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "undetected",
+    "engine_name": "Sangfor",
+    "engine_update": "20240702",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "undetected",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240701",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240702",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Mal/Generic-S"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240702",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240701",
+    "engine_version": "2024-07-01.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Win32.Trojan.Malgo.Ximw"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "undetected",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240702",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240702",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002H09FP24"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240701",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240701",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.361606"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240702",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E64/ABRisk.RBUI-4"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240702",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240701",
+    "engine_version": "9.5.735",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240702",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240702",
+    "engine_version": "36840",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240701",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240701",
+    "engine_version": "2.0.0.5144",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240702",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Trojan.Multi.MalGO.gen"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240702",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Trojan:Linux/MalGO.gyf"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240702",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f/README.md
+++ b/linux/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f/README.md
@ -0,0 +1,68 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">unknown</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>e97790c1200e6d5c8f4eed64f1736a5d</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>8df8579b3303221b0aa9955f0e11ab6d24525a1a</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>0cb76a4ac2c5787282f31bed1a0a2599258d85890d60cc6a1538548f304b56668840295b99d862a721baa3309e7dc3366b2dbd2819ed39900cc2165dc23a7f70</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f
+
+## Detection Names
+
+Backdoor.Linux.Ganiw.a  
+Backdoor.Linux.Ganiw.H  
+Backdoor.Linux.Ganiw.H (B)  
+Backdoor/Linux.ii  
+Backdoor:Linux/Setag.A  
+Backdoor.Setag/Linux!1.A3E5 (CLASSIC)  
+Detected  
+Downloader.OpenConnection.JS.100251  
+E32/Setag.B  
+ELF:Elknot-AE [Trj]  
+ELF/Setag.B!tr  
+ELF_SETAG.SM  
+HEUR:Backdoor.Linux.Ganiw.d  
+Legacy.Trojan.Agent-1388639  
+Linux/Agent.A  
+Linux/Backdoor.1135000  
+Linux.BackDoor.Gates.9  
+Linux.BackDoor.Gates.G  
+Linux.Chikdos.B!gen2  
+Linux/DDoS-BD  
+LINUX/Setag.axyb  
+Linux/Setag.B.Gen  
+Linux.Trojan.Ganiw  
+Linux.Trojan.Siggen.D  
+Malicious (score: 99)  
+Malware@#3xsifarbkt6j  
+malware (ai score=100)  
+Malware.LINUX/Setag.axyb  
+Script.Ks.Malware.14758  
+Static AI - Malicious ELF  
+Trojan.Elf32.Ganiw.dirahp  
+Trojan.Linux.Agent  
+Trojan.Linux.Elknot.atAE  
+Trojan.Linux.Ganiw.a  
+Trojan.Malware.121218.susgen  
+Trojan.U.Gen.tr  
+Trojan/Win32.PowerGhost.a  
+
--- a/linux/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f/virustotal.json
+++ b/linux/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f/virustotal.json
@ -0,0 +1,610 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20231225",
+    "engine_version": "1.1.3.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20231222",
+    "engine_version": "6.481",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20231225",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AE [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20230828",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20231225",
+    "engine_version": "3.25.0.10459",
+    "method": "blacklist",
+    "result": "Linux/Backdoor.1135000"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20231224",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan/Win32.PowerGhost.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20231225",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20231225",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Elknot-AE [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20231224",
+    "engine_version": "231224-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20231225",
+    "engine_version": "8.3.3.16",
+    "method": "blacklist",
+    "result": "LINUX/Setag.axyb"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20231225",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20231121",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20231127",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20231224",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20231224",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20230822",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20231224",
+    "engine_version": "1.2.1.0",
+    "method": "blacklist",
+    "result": "Legacy.Trojan.Agent-1388639"
+  },
+  "CrowdStrike": {
+    "category": "type-unsupported",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "type-unsupported",
+    "engine_name": "Cybereason",
+    "engine_update": "20231102",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20231108",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20231225",
+    "engine_version": "4.0.0.28",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20231224",
+    "engine_version": "3.1.0.15",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20231225",
+    "engine_version": "7.0.61.8090",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.9"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20231225",
+    "engine_version": "28457",
+    "method": "blacklist",
+    "result": "Linux/Setag.B.Gen"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20231208",
+    "engine_version": "4.0.121",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Ganiw"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20231225",
+    "engine_version": "2022.6.0.32461",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20231225",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Setag.axyb"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20231225",
+    "engine_version": "35.24.1.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20231225",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "ELF/Setag.B!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20231225",
+    "engine_version": "A:25.37037B:27.34321",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Siggen.D"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20231225",
+    "engine_version": "1703485830",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "malicious",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20231225",
+    "engine_version": "1.0.152.174",
+    "method": "blacklist",
+    "result": "Trojan.U.Gen.tr"
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20231224",
+    "engine_version": "6.2.4.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Agent"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20231224",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor/Linux.ii"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20231225",
+    "engine_version": "12.131.50519",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20231225",
+    "engine_version": "12.131.50520",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20231225",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Ganiw.d"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Script.Ks.Malware.14758"
+  },
+  "Lionic": {
+    "category": "undetected",
+    "engine_name": "Lionic",
+    "engine_update": "20231225",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20231225",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20231225",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "malicious",
+    "engine_name": "MaxSecure",
+    "engine_update": "20231223",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Malware.121218.susgen"
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20231225",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "Linux/Agent.A"
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20231225",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20231225",
+    "engine_version": "1.1.23110.2",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/Setag.A"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20231225",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Ganiw.dirahp"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20231225",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20231224",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20231225",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Setag/Linux!1.A3E5 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20231225",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20231219",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Elknot.atAE"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20231119",
+    "engine_version": "23.4.2.3",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20231225",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Linux/Agent.A"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20231224",
+    "engine_version": "2.4.3.0",
+    "method": "blacklist",
+    "result": "Linux/DDoS-BD"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20231224",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Linux.Chikdos.B!gen2"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20230119",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20231225",
+    "engine_version": "2023-12-25.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20231225",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Ganiw.a"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20231106",
+    "engine_version": "4.0.14.97",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20231225",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "ELF_SETAG.SM"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20231225",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "ELF_SETAG.SM"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20231225",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "malicious",
+    "engine_name": "VBA32",
+    "engine_update": "20231222",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.a"
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20231224",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Ganiw.H"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20231225",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Setag.B"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20231224",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "malicious",
+    "engine_name": "VirIT",
+    "engine_update": "20231222",
+    "engine_version": "9.5.605",
+    "method": "blacklist",
+    "result": "Linux.BackDoor.Gates.G"
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20231225",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20231224",
+    "engine_version": "36286",
+    "method": "blacklist",
+    "result": "Malware@#3xsifarbkt6j"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20231225",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20231223",
+    "engine_version": "2.0.0.5019",
+    "method": "blacklist",
+    "result": "Downloader.OpenConnection.JS.100251"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20231225",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Ganiw.d"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20231225",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "tehtris": {
+    "category": "type-unsupported",
+    "engine_name": "tehtris",
+    "engine_update": "20231225",
+    "engine_version": "v0.1.4-109-g76614fd",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/README.md
+++ b/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/README.md
@ -0,0 +1,66 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.tsunami/kaiten</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>7b1aec339bee5beed674c8cb576bb881</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>28cc31a46db6970ded6900cc3d6a51c0cb068702</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>08867041b15afdfc586eb3b872859deed5c5b2c8abcdd500db04a0b7a190bf9657e1c6a2f184ec6ec7ed6c5e847235da46459b7896053414ff669138442ac2eb</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b
+
+## Detection Names
+
+a variant of Linux/Tsunami.NCD  
+Backdoor.BDS/Katien.R  
+Backdoor.Linux.aeeb  
+Backdoor:Linux/Tsunami.C!MTB  
+Backdoor.Linux.Tsunami.x  
+Backdoor.Tsunami/Linux!1.A1B2 (CLASSIC)  
+BDS/Katien.R  
+DDoS:Linux/Tsunami  
+Detected  
+E32/Mirai.DJ.gen!Camelot  
+ELF_KAITEN.SM  
+ELF:Tsunami-A  
+ELF:Tsunami-FP [Trj]  
+ELF/Tsunami.NCD!tr  
+Generic.Malware.GJIFg.78B1411A  
+Generic.Malware.GJIFg.78B1411A (B)  
+Gen:NN.Mirai.36808  
+HEUR:Backdoor.Linux.Tsunami.bh  
+Linux/DDoS-Kaiten.gen.a  
+Linux.Kaiten  
+Linux.Siggen.9999  
+Linux.Trojan.Gafgyt  
+Linux/Tsunami-A  
+Linux/Tsunami.Gen  
+Malicious (score: 99)  
+malware (ai score=100)  
+Script.Ks.Malware.3227  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan ( 0040f09d1 )  
+Trojan.Elf32.Tsunami.knlqdv  
+Trojan.Linux.Mirai  
+Trojan/Linux.Tsunami.a  
+Trojan.Linux.Tsunami.m!c  
+Win.Trojan.Tsunami-5  
+
--- a/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/virustotal.json
+++ b/linux/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "timeout",
+    "engine_name": "ALYac",
+    "engine_update": "20240623",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240622",
+    "engine_version": "6.545",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240623",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Tsunami-A"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240623",
+    "engine_version": "3.25.1.10473",
+    "method": "blacklist",
+    "result": "Linux/Tsunami.Gen"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240623",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan/Linux.Tsunami.a"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240623",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Generic.Malware.GJIFg.78B1411A"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240623",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Tsunami-A"
+  },
+  "Avast-Mobile": {
+    "category": "malicious",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240623",
+    "engine_version": "240623-00",
+    "method": "blacklist",
+    "result": "ELF:Tsunami-FP [Trj]"
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240623",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "BDS/Katien.R"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "timeout",
+    "engine_name": "BitDefender",
+    "engine_update": "20240623",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "malicious",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": "Gen:NN.Mirai.36808"
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240623",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240622",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240622",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240623",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Win.Trojan.Tsunami-5"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240620",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240623",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240606",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240623",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Siggen.9999"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240623",
+    "engine_version": "29440",
+    "method": "blacklist",
+    "result": "a variant of Linux/Tsunami.NCD"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240621",
+    "engine_version": "4.0.152",
+    "method": "blacklist",
+    "result": "Linux.Trojan.Gafgyt"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240623",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Generic.Malware.GJIFg.78B1411A (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240623",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Backdoor.BDS/Katien.R"
+  },
+  "FireEye": {
+    "category": "timeout",
+    "engine_name": "FireEye",
+    "engine_update": "20240623",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240623",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "ELF/Tsunami.NCD!tr"
+  },
+  "GData": {
+    "category": "timeout",
+    "engine_name": "GData",
+    "engine_update": "20240623",
+    "engine_version": null,
+    "method": "blacklist",
+    "result": null
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240623",
+    "engine_version": "1719138681",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240623",
+    "engine_version": "1.0.179.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240623",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Mirai"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240622",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.aeeb"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240623",
+    "engine_version": "12.169.52380",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "malicious",
+    "engine_name": "K7GW",
+    "engine_update": "20240623",
+    "engine_version": "12.169.52380",
+    "method": "blacklist",
+    "result": "Trojan ( 0040f09d1 )"
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240623",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Tsunami.bh"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Script.Ks.Malware.3227"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240623",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Tsunami.m!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240623",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240623",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240621",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20240622",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "Linux/DDoS-Kaiten.gen.a"
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240623",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240623",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Generic.Malware.GJIFg.78B1411A"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240623",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/Tsunami.C!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "malicious",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240623",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": "Trojan.Elf32.Tsunami.knlqdv"
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240623",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240623",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240623",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.Tsunami/Linux!1.A1B2 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240622",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240621",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240622",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Linux/DDoS-Kaiten.gen.a"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240623",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Linux/Tsunami-A"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240622",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Linux.Kaiten"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240623",
+    "engine_version": "2024-06-23.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240623",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.Tsunami.x"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240623",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "ELF_KAITEN.SM"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240623",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "ELF_KAITEN.SM"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240623",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240621",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "undetected",
+    "engine_name": "VIPRE",
+    "engine_update": "20240623",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": null
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240623",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/Mirai.DJ.gen!Camelot"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240622",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240621",
+    "engine_version": "9.5.729",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240623",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240623",
+    "engine_version": "36815",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240623",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240621",
+    "engine_version": "2.0.0.5138",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240623",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Tsunami.bh"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240623",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "DDoS:Linux/Tsunami"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240623",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e/README.md
+++ b/linux/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e/README.md
@ -0,0 +1,59 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">miner.r002c0df524/sphdl</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>5e4092a39ab18cf9829f87b6d1310f0b</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>c2f14ce4d1a840a8dc84240cd023968e7250d85d</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>6f4d6c7e4e0eff77a02285fbdd3aa602d4d762d50909a4a6cd83098af80fb34f2b2abdba783a88031a759b3a718e0433626e586782afedf5e228467d94e60fe9</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e
+
+## Detection Names
+
+Adware/Miner  
+Application.Linux.Generic.23454  
+Application.Linux.Generic.23454 (B)  
+Application.Linux.Generic.D5B9E  
+Artemis!Trojan  
+a variant of Linux/CoinMiner.CP potentially unwanted  
+CoinMiner.Linux.Agent.Vnyp  
+Detected  
+E32/ABRisk.AUAW-18  
+ELF/TrojanGen.A  
+Generic Reputation PUA (PUA)  
+GrayWare/Linux.CoinMiner.cp  
+Linux.Risktool.Bitcoinminer.Usmw  
+Linux.Siggen.7528  
+Linux.Troj.Generic.v  
+Malicious (score: 99)  
+malware (ai score=90)  
+Miner:Multi/XMRig  
+not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.n  
+Other:Malware-gen [Trj]  
+PotentialRisk.PUA/AVI.CoinMiner.sphdl  
+PUA/AVI.CoinMiner.sphdl  
+PUA.CoinMiner/Linux!8.15288 (CLOUD)  
+RiskTool.Linux.dro  
+Riskware.Linux.BitCoinMiner.1!c  
+Trojan.Gen.NPE  
+Trojan:Linux/CoinMiner  
+TROJ_GEN.R002C0DF524  
+
--- a/linux/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e/virustotal.json
+++ b/linux/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240628",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240628",
+    "engine_version": "6.547",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240628",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "undetected",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240628",
+    "engine_version": "3.26.0.10499",
+    "method": "blacklist",
+    "result": null
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240628",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "GrayWare/Linux.CoinMiner.cp"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240628",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.D5B9E"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240628",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "Other:Malware-gen [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "undetected",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240628",
+    "engine_version": "240628-00",
+    "method": "blacklist",
+    "result": null
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240628",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "PUA/AVI.CoinMiner.sphdl"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240628",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240621",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240628",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "undetected",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240627",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": null
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240628",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "undetected",
+    "engine_name": "ClamAV",
+    "engine_update": "20240628",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240623",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240627",
+    "engine_version": "3.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240628",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240625",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240628",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Siggen.7528"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240628",
+    "engine_version": "29468",
+    "method": "blacklist",
+    "result": "a variant of Linux/CoinMiner.CP potentially unwanted"
+  },
+  "Elastic": {
+    "category": "undetected",
+    "engine_name": "Elastic",
+    "engine_update": "20240626",
+    "engine_version": "4.0.154",
+    "method": "blacklist",
+    "result": null
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240628",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240628",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "PotentialRisk.PUA/AVI.CoinMiner.sphdl"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240628",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240628",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Adware/Miner"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240628",
+    "engine_version": "A:25.38368B:27.36525",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240628",
+    "engine_version": "1719568835",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240628",
+    "engine_version": "1.0.181.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "undetected",
+    "engine_name": "Ikarus",
+    "engine_update": "20240628",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240627",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "RiskTool.Linux.dro"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240628",
+    "engine_version": "12.170.52433",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240628",
+    "engine_version": "12.170.52431",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240628",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.n"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Troj.Generic.v"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240628",
+    "engine_version": "8.16",
+    "method": "blacklist",
+    "result": "Riskware.Linux.BitCoinMiner.1!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240628",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=90)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240628",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240628",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "undetected",
+    "engine_name": "McAfee",
+    "engine_update": "20240627",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240628",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240628",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240628",
+    "engine_version": "1.1.24050.5",
+    "method": "blacklist",
+    "result": "Trojan:Linux/CoinMiner"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240627",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240628",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "malicious",
+    "engine_name": "Panda",
+    "engine_update": "20240627",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": "ELF/TrojanGen.A"
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240628",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "PUA.CoinMiner/Linux!8.15288 (CLOUD)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240628",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240627",
+    "engine_version": "2.25.10.0",
+    "method": "blacklist",
+    "result": "CoinMiner.Linux.Agent.Vnyp"
+  },
+  "SentinelOne": {
+    "category": "undetected",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240627",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "Artemis!Trojan"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240628",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Generic Reputation PUA (PUA)"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240628",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Gen.NPE"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240628",
+    "engine_version": "2024-06-28.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240628",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Risktool.Bitcoinminer.Usmw"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240628",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002C0DF524"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240628",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "TROJ_GEN.R002C0DF524"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240628",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240628",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240627",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Application.Linux.Generic.23454"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240628",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E32/ABRisk.AUAW-18"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240628",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240627",
+    "engine_version": "9.5.733",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240628",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "undetected",
+    "engine_name": "Xcitium",
+    "engine_update": "20240628",
+    "engine_version": "36830",
+    "method": "blacklist",
+    "result": null
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240628",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "undetected",
+    "engine_name": "Zillya",
+    "engine_update": "20240627",
+    "engine_version": "2.0.0.5142",
+    "method": "blacklist",
+    "result": null
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240628",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.n"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240628",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240620",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Miner:Multi/XMRig"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240628",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}
--- a/linux/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73/README.md
+++ b/linux/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73/README.md
@ -0,0 +1,68 @@
+
+# Sample Information
+
+<table>
+  <tr>
+    <td><b>VirusTotal Threat Label</b></td>
+    <td><b><span style="color: red">trojan.bpfdoor</span></b></td>
+  </tr>
+  <tr>
+    <td><b>md5</b></td>
+    <td>0017f7b913ce66e4d80f7e78cf830a2b</td>
+  </tr>
+  <tr>
+    <td><b>sha1</b></td>
+    <td>f1bf775746a5c882b9ec003617b2a70cf5a5b029</td>
+  </tr>
+  <tr>
+    <td><b>sha256</b></td>
+    <td>fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73</td>
+  </tr>
+  <tr>
+    <td><b>sha512</b></td>
+    <td>ff5dd28ba3f5ce1f85f85fa9b65f9f30fbd300f2ca238cb2713da7077b7a0a8ff094cff4d7de9381726925abdd9ea065fa75ccd02fa5a816b71a6f91479363c1</td>
+  </tr>
+</table>
+
+**VirusTotal**: https://www.virustotal.com/gui/file/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73
+
+## Detection Names
+
+a variant of Linux/BpfDoor.B  
+Backdoor.BPFDoor/Linux!1.EF16 (CLASSIC)  
+Backdoor.Linux.BPFDoor  
+Backdoor/Linux.Bpfdoor.28832  
+Backdoor:Linux/BPFDoor.A!MTB  
+Backdoor.Linux.BPFDOOR.AS  
+Backdoor.Linux.flhb  
+Backdoor.Trojan  
+Detected  
+E64/Agent.DI  
+ELF:Agent-AOI [Trj]  
+ELF:Agent-BNJ [Trj]  
+ELF.Mirai.47214.GC  
+HEUR:Backdoor.Linux.Agent.co  
+LINUX/Agent.awj  
+Linux/Agent.KC!tr  
+Linux.Backdoor.Agent.Xfow  
+Linux/Bckdr-RYJ  
+Linux.Siggen.3707  
+Linux.Trojan.BPFDoor  
+Linux.Troj.Generic.yz  
+Malicious (score: 99)  
+Malware@#2va7z0hek31ce  
+malware (ai score=100)  
+Malware.LINUX/Agent.awj  
+RDN/Generic BackDoor  
+Static AI - Malicious ELF  
+Suspicious.Linux.Save.a  
+Trojan[Backdoor]/Linux.Agent.co  
+Trojan.BpfDoor.Linux.5  
+Trojan.Linux.Agent  
+Trojan.Linux.BPFDoor.m!c  
+Trojan.Linux.Generic.186585  
+Trojan.Linux.Generic.186585 (B)  
+Trojan.Linux.Generic.D2D8D9  
+Trojan:Linux/LinuxAgent  
+Unix.Backdoor.RedMenshen-9950338-1  
+
--- a/linux/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73/virustotal.json
+++ b/linux/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73/virustotal.json
@ -0,0 +1,626 @@
+{
+  "ALYac": {
+    "category": "malicious",
+    "engine_name": "ALYac",
+    "engine_update": "20240529",
+    "engine_version": "2.0.0.10",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.BPFDoor"
+  },
+  "APEX": {
+    "category": "type-unsupported",
+    "engine_name": "APEX",
+    "engine_update": "20240528",
+    "engine_version": "6.536",
+    "method": "blacklist",
+    "result": null
+  },
+  "AVG": {
+    "category": "malicious",
+    "engine_name": "AVG",
+    "engine_update": "20240529",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-AOI [Trj]"
+  },
+  "Acronis": {
+    "category": "undetected",
+    "engine_name": "Acronis",
+    "engine_update": "20240328",
+    "engine_version": "1.2.0.121",
+    "method": "blacklist",
+    "result": null
+  },
+  "AhnLab-V3": {
+    "category": "malicious",
+    "engine_name": "AhnLab-V3",
+    "engine_update": "20240529",
+    "engine_version": "3.25.1.10473",
+    "method": "blacklist",
+    "result": "Backdoor/Linux.Bpfdoor.28832"
+  },
+  "Alibaba": {
+    "category": "type-unsupported",
+    "engine_name": "Alibaba",
+    "engine_update": "20190527",
+    "engine_version": "0.3.0.5",
+    "method": "blacklist",
+    "result": null
+  },
+  "Antiy-AVL": {
+    "category": "malicious",
+    "engine_name": "Antiy-AVL",
+    "engine_update": "20240529",
+    "engine_version": "3.0",
+    "method": "blacklist",
+    "result": "Trojan[Backdoor]/Linux.Agent.co"
+  },
+  "Arcabit": {
+    "category": "malicious",
+    "engine_name": "Arcabit",
+    "engine_update": "20240529",
+    "engine_version": "2022.0.0.18",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.D2D8D9"
+  },
+  "Avast": {
+    "category": "malicious",
+    "engine_name": "Avast",
+    "engine_update": "20240529",
+    "engine_version": "23.9.8494.0",
+    "method": "blacklist",
+    "result": "ELF:Agent-AOI [Trj]"
+  },
+  "Avast-Mobile": {
+    "category": "malicious",
+    "engine_name": "Avast-Mobile",
+    "engine_update": "20240528",
+    "engine_version": "240528-00",
+    "method": "blacklist",
+    "result": "ELF:Agent-BNJ [Trj]"
+  },
+  "Avira": {
+    "category": "malicious",
+    "engine_name": "Avira",
+    "engine_update": "20240529",
+    "engine_version": "8.3.3.18",
+    "method": "blacklist",
+    "result": "LINUX/Agent.awj"
+  },
+  "Baidu": {
+    "category": "undetected",
+    "engine_name": "Baidu",
+    "engine_update": "20190318",
+    "engine_version": "1.0.0.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefender": {
+    "category": "malicious",
+    "engine_name": "BitDefender",
+    "engine_update": "20240529",
+    "engine_version": "7.2",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585"
+  },
+  "BitDefenderFalx": {
+    "category": "type-unsupported",
+    "engine_name": "BitDefenderFalx",
+    "engine_update": "20240128",
+    "engine_version": "2.0.936",
+    "method": "blacklist",
+    "result": null
+  },
+  "BitDefenderTheta": {
+    "category": "undetected",
+    "engine_name": "BitDefenderTheta",
+    "engine_update": "20240422",
+    "engine_version": "7.2.37796.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Bkav": {
+    "category": "undetected",
+    "engine_name": "Bkav",
+    "engine_update": "20240528",
+    "engine_version": "2.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "CAT-QuickHeal": {
+    "category": "malicious",
+    "engine_name": "CAT-QuickHeal",
+    "engine_update": "20240528",
+    "engine_version": "22.00",
+    "method": "blacklist",
+    "result": "ELF.Mirai.47214.GC"
+  },
+  "CMC": {
+    "category": "undetected",
+    "engine_name": "CMC",
+    "engine_update": "20240529",
+    "engine_version": "2.4.2022.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "ClamAV": {
+    "category": "malicious",
+    "engine_name": "ClamAV",
+    "engine_update": "20240528",
+    "engine_version": "1.3.1.0",
+    "method": "blacklist",
+    "result": "Unix.Backdoor.RedMenshen-9950338-1"
+  },
+  "CrowdStrike": {
+    "category": "undetected",
+    "engine_name": "CrowdStrike",
+    "engine_update": "20231026",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cybereason": {
+    "category": "undetected",
+    "engine_name": "Cybereason",
+    "engine_update": "20240502",
+    "engine_version": "1.2.449",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cylance": {
+    "category": "type-unsupported",
+    "engine_name": "Cylance",
+    "engine_update": "20240523",
+    "engine_version": "2.0.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "Cynet": {
+    "category": "malicious",
+    "engine_name": "Cynet",
+    "engine_update": "20240529",
+    "engine_version": "4.0.1.1",
+    "method": "blacklist",
+    "result": "Malicious (score: 99)"
+  },
+  "DeepInstinct": {
+    "category": "type-unsupported",
+    "engine_name": "DeepInstinct",
+    "engine_update": "20240525",
+    "engine_version": "5.0.0.8",
+    "method": "blacklist",
+    "result": null
+  },
+  "DrWeb": {
+    "category": "malicious",
+    "engine_name": "DrWeb",
+    "engine_update": "20240529",
+    "engine_version": "7.0.65.5230",
+    "method": "blacklist",
+    "result": "Linux.Siggen.3707"
+  },
+  "ESET-NOD32": {
+    "category": "malicious",
+    "engine_name": "ESET-NOD32",
+    "engine_update": "20240529",
+    "engine_version": "29304",
+    "method": "blacklist",
+    "result": "a variant of Linux/BpfDoor.B"
+  },
+  "Elastic": {
+    "category": "malicious",
+    "engine_name": "Elastic",
+    "engine_update": "20240522",
+    "engine_version": "4.0.146",
+    "method": "blacklist",
+    "result": "Linux.Trojan.BPFDoor"
+  },
+  "Emsisoft": {
+    "category": "malicious",
+    "engine_name": "Emsisoft",
+    "engine_update": "20240529",
+    "engine_version": "2024.1.0.53752",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585 (B)"
+  },
+  "F-Secure": {
+    "category": "malicious",
+    "engine_name": "F-Secure",
+    "engine_update": "20240528",
+    "engine_version": "18.10.1547.307",
+    "method": "blacklist",
+    "result": "Malware.LINUX/Agent.awj"
+  },
+  "FireEye": {
+    "category": "malicious",
+    "engine_name": "FireEye",
+    "engine_update": "20240529",
+    "engine_version": "35.47.0.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585"
+  },
+  "Fortinet": {
+    "category": "malicious",
+    "engine_name": "Fortinet",
+    "engine_update": "20240529",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux/Agent.KC!tr"
+  },
+  "GData": {
+    "category": "malicious",
+    "engine_name": "GData",
+    "engine_update": "20240529",
+    "engine_version": "A:25.38092B:27.36167",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585"
+  },
+  "Google": {
+    "category": "malicious",
+    "engine_name": "Google",
+    "engine_update": "20240529",
+    "engine_version": "1716966021",
+    "method": "blacklist",
+    "result": "Detected"
+  },
+  "Gridinsoft": {
+    "category": "undetected",
+    "engine_name": "Gridinsoft",
+    "engine_update": "20240529",
+    "engine_version": "1.0.178.174",
+    "method": "blacklist",
+    "result": null
+  },
+  "Ikarus": {
+    "category": "malicious",
+    "engine_name": "Ikarus",
+    "engine_update": "20240528",
+    "engine_version": "6.3.12.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Agent"
+  },
+  "Jiangmin": {
+    "category": "malicious",
+    "engine_name": "Jiangmin",
+    "engine_update": "20240528",
+    "engine_version": "16.0.100",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.flhb"
+  },
+  "K7AntiVirus": {
+    "category": "undetected",
+    "engine_name": "K7AntiVirus",
+    "engine_update": "20240529",
+    "engine_version": "12.161.52127",
+    "method": "blacklist",
+    "result": null
+  },
+  "K7GW": {
+    "category": "undetected",
+    "engine_name": "K7GW",
+    "engine_update": "20240529",
+    "engine_version": "12.161.52128",
+    "method": "blacklist",
+    "result": null
+  },
+  "Kaspersky": {
+    "category": "malicious",
+    "engine_name": "Kaspersky",
+    "engine_update": "20240529",
+    "engine_version": "22.0.1.28",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Agent.co"
+  },
+  "Kingsoft": {
+    "category": "malicious",
+    "engine_name": "Kingsoft",
+    "engine_update": "20230906",
+    "engine_version": "None",
+    "method": "blacklist",
+    "result": "Linux.Troj.Generic.yz"
+  },
+  "Lionic": {
+    "category": "malicious",
+    "engine_name": "Lionic",
+    "engine_update": "20240529",
+    "engine_version": "7.5",
+    "method": "blacklist",
+    "result": "Trojan.Linux.BPFDoor.m!c"
+  },
+  "MAX": {
+    "category": "malicious",
+    "engine_name": "MAX",
+    "engine_update": "20240529",
+    "engine_version": "2023.1.4.1",
+    "method": "blacklist",
+    "result": "malware (ai score=100)"
+  },
+  "Malwarebytes": {
+    "category": "undetected",
+    "engine_name": "Malwarebytes",
+    "engine_update": "20240529",
+    "engine_version": "4.5.5.54",
+    "method": "blacklist",
+    "result": null
+  },
+  "MaxSecure": {
+    "category": "undetected",
+    "engine_name": "MaxSecure",
+    "engine_update": "20240529",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": null
+  },
+  "McAfee": {
+    "category": "malicious",
+    "engine_name": "McAfee",
+    "engine_update": "20240528",
+    "engine_version": "6.0.6.653",
+    "method": "blacklist",
+    "result": "RDN/Generic BackDoor"
+  },
+  "McAfeeD": {
+    "category": "type-unsupported",
+    "engine_name": "McAfeeD",
+    "engine_update": "20240529",
+    "engine_version": "1.2.0.7628",
+    "method": "blacklist",
+    "result": null
+  },
+  "MicroWorld-eScan": {
+    "category": "malicious",
+    "engine_name": "MicroWorld-eScan",
+    "engine_update": "20240529",
+    "engine_version": "14.0.409.0",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585"
+  },
+  "Microsoft": {
+    "category": "malicious",
+    "engine_name": "Microsoft",
+    "engine_update": "20240529",
+    "engine_version": "1.1.24040.1",
+    "method": "blacklist",
+    "result": "Backdoor:Linux/BPFDoor.A!MTB"
+  },
+  "NANO-Antivirus": {
+    "category": "undetected",
+    "engine_name": "NANO-Antivirus",
+    "engine_update": "20240529",
+    "engine_version": "1.0.146.25796",
+    "method": "blacklist",
+    "result": null
+  },
+  "Paloalto": {
+    "category": "type-unsupported",
+    "engine_name": "Paloalto",
+    "engine_update": "20240529",
+    "engine_version": "0.9.0.1003",
+    "method": "blacklist",
+    "result": null
+  },
+  "Panda": {
+    "category": "undetected",
+    "engine_name": "Panda",
+    "engine_update": "20240528",
+    "engine_version": "4.6.4.2",
+    "method": "blacklist",
+    "result": null
+  },
+  "Rising": {
+    "category": "malicious",
+    "engine_name": "Rising",
+    "engine_update": "20240529",
+    "engine_version": "25.0.0.27",
+    "method": "blacklist",
+    "result": "Backdoor.BPFDoor/Linux!1.EF16 (CLASSIC)"
+  },
+  "SUPERAntiSpyware": {
+    "category": "undetected",
+    "engine_name": "SUPERAntiSpyware",
+    "engine_update": "20240529",
+    "engine_version": "5.6.0.1032",
+    "method": "blacklist",
+    "result": null
+  },
+  "Sangfor": {
+    "category": "malicious",
+    "engine_name": "Sangfor",
+    "engine_update": "20240528",
+    "engine_version": "2.23.0.0",
+    "method": "blacklist",
+    "result": "Suspicious.Linux.Save.a"
+  },
+  "SentinelOne": {
+    "category": "malicious",
+    "engine_name": "SentinelOne",
+    "engine_update": "20240417",
+    "engine_version": "24.2.1.1",
+    "method": "blacklist",
+    "result": "Static AI - Malicious ELF"
+  },
+  "Skyhigh": {
+    "category": "malicious",
+    "engine_name": "Skyhigh",
+    "engine_update": "20240528",
+    "engine_version": "v2021.2.0+4045",
+    "method": "blacklist",
+    "result": "RDN/Generic BackDoor"
+  },
+  "Sophos": {
+    "category": "malicious",
+    "engine_name": "Sophos",
+    "engine_update": "20240529",
+    "engine_version": "2.5.5.0",
+    "method": "blacklist",
+    "result": "Linux/Bckdr-RYJ"
+  },
+  "Symantec": {
+    "category": "malicious",
+    "engine_name": "Symantec",
+    "engine_update": "20240529",
+    "engine_version": "1.21.0.0",
+    "method": "blacklist",
+    "result": "Backdoor.Trojan"
+  },
+  "SymantecMobileInsight": {
+    "category": "type-unsupported",
+    "engine_name": "SymantecMobileInsight",
+    "engine_update": "20240103",
+    "engine_version": "2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "TACHYON": {
+    "category": "undetected",
+    "engine_name": "TACHYON",
+    "engine_update": "20240529",
+    "engine_version": "2024-05-29.02",
+    "method": "blacklist",
+    "result": null
+  },
+  "Tencent": {
+    "category": "malicious",
+    "engine_name": "Tencent",
+    "engine_update": "20240529",
+    "engine_version": "1.0.0.1",
+    "method": "blacklist",
+    "result": "Linux.Backdoor.Agent.Xfow"
+  },
+  "Trapmine": {
+    "category": "type-unsupported",
+    "engine_name": "Trapmine",
+    "engine_update": "20240223",
+    "engine_version": "4.0.16.96",
+    "method": "blacklist",
+    "result": null
+  },
+  "TrendMicro": {
+    "category": "malicious",
+    "engine_name": "TrendMicro",
+    "engine_update": "20240529",
+    "engine_version": "11.0.0.1006",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.BPFDOOR.AS"
+  },
+  "TrendMicro-HouseCall": {
+    "category": "malicious",
+    "engine_name": "TrendMicro-HouseCall",
+    "engine_update": "20240529",
+    "engine_version": "10.0.0.1040",
+    "method": "blacklist",
+    "result": "Backdoor.Linux.BPFDOOR.AS"
+  },
+  "Trustlook": {
+    "category": "type-unsupported",
+    "engine_name": "Trustlook",
+    "engine_update": "20240529",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VBA32": {
+    "category": "undetected",
+    "engine_name": "VBA32",
+    "engine_update": "20240528",
+    "engine_version": "5.0.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VIPRE": {
+    "category": "malicious",
+    "engine_name": "VIPRE",
+    "engine_update": "20240528",
+    "engine_version": "6.0.0.35",
+    "method": "blacklist",
+    "result": "Trojan.Linux.Generic.186585"
+  },
+  "Varist": {
+    "category": "malicious",
+    "engine_name": "Varist",
+    "engine_update": "20240529",
+    "engine_version": "6.5.1.2",
+    "method": "blacklist",
+    "result": "E64/Agent.DI"
+  },
+  "ViRobot": {
+    "category": "undetected",
+    "engine_name": "ViRobot",
+    "engine_update": "20240529",
+    "engine_version": "2014.3.20.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "VirIT": {
+    "category": "undetected",
+    "engine_name": "VirIT",
+    "engine_update": "20240528",
+    "engine_version": "9.5.711",
+    "method": "blacklist",
+    "result": null
+  },
+  "Webroot": {
+    "category": "type-unsupported",
+    "engine_name": "Webroot",
+    "engine_update": "20240529",
+    "engine_version": "1.0.0.403",
+    "method": "blacklist",
+    "result": null
+  },
+  "Xcitium": {
+    "category": "malicious",
+    "engine_name": "Xcitium",
+    "engine_update": "20240528",
+    "engine_version": "36741",
+    "method": "blacklist",
+    "result": "Malware@#2va7z0hek31ce"
+  },
+  "Yandex": {
+    "category": "undetected",
+    "engine_name": "Yandex",
+    "engine_update": "20240529",
+    "engine_version": "5.5.2.24",
+    "method": "blacklist",
+    "result": null
+  },
+  "Zillya": {
+    "category": "malicious",
+    "engine_name": "Zillya",
+    "engine_update": "20240528",
+    "engine_version": "2.0.0.5122",
+    "method": "blacklist",
+    "result": "Trojan.BpfDoor.Linux.5"
+  },
+  "ZoneAlarm": {
+    "category": "malicious",
+    "engine_name": "ZoneAlarm",
+    "engine_update": "20240529",
+    "engine_version": "1.0",
+    "method": "blacklist",
+    "result": "HEUR:Backdoor.Linux.Agent.co"
+  },
+  "Zoner": {
+    "category": "undetected",
+    "engine_name": "Zoner",
+    "engine_update": "20240529",
+    "engine_version": "2.2.2.0",
+    "method": "blacklist",
+    "result": null
+  },
+  "alibabacloud": {
+    "category": "malicious",
+    "engine_name": "alibabacloud",
+    "engine_update": "20240513",
+    "engine_version": "2.1.0",
+    "method": "blacklist",
+    "result": "Trojan:Linux/LinuxAgent"
+  },
+  "tehtris": {
+    "category": "undetected",
+    "engine_name": "tehtris",
+    "engine_update": "20240529",
+    "engine_version": "v0.1.4",
+    "method": "blacklist",
+    "result": null
+  }
+}