add: [linux] sample info take 3
parent
8b9cb31880
commit
ed31396fe8
19 changed files with 494 additions and 19 deletions
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>827461d60dcf9edf8dad7bcd5984fc1a</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>776d18b62f309da5311b0ae40222c19b4efa2a3e</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>481d37773aa434447b52013036be29b98ecc689b7f33bf40025bcdbc897c5f3d2a60ed11b3ad8f36c18b8a58d11292ff524197db5479977b75468786490c0590</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/15e67237cfda7a9b6cd6d27af76b315c79ad65daeec127f84128904b8c7757dd
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Mirai.A
|
a variant of Linux/Mirai.A
|
||||||
Backdoor.Linux.Mirai.wan
|
Backdoor.Linux.Mirai.wan
|
||||||
|
@ -29,3 +53,4 @@ Trojan.Linux.Linux.4!c
|
||||||
Trojan.Linux.Mirai
|
Trojan.Linux.Mirai
|
||||||
Trojan:Linux/Mirai
|
Trojan:Linux/Mirai
|
||||||
Unix.Malware.Agent-7052919-0
|
Unix.Malware.Agent-7052919-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>a0e1c1e0a2c5cdc8af60beda2b581ee1</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>555c3d3b9ca1010ccfa9533487e264ad7fe34ecd</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>3492b67643a97e7dd607f4d4edc97a36380ed2a85f87fba3ff3e817debff7aa7ad84f7ea884b3340fefe3b0ab37327b789640d3fa6ef1f40acd3b195306a414b</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Artemis!Trojan
|
Artemis!Trojan
|
||||||
Backdoor.linux.ganiw.h
|
Backdoor.linux.ganiw.h
|
||||||
|
@ -31,3 +55,4 @@ Trojan.Linux.Ganiw.m!c
|
||||||
Trojan:Linux/Multiverze
|
Trojan:Linux/Multiverze
|
||||||
Trojan.Setag.Linux.79
|
Trojan.Setag.Linux.79
|
||||||
Unix.Malware.Agent-1639378
|
Unix.Malware.Agent-1639378
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>2c77be94e0ad2d6e149ba72c1446e39a</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>66eac493ef0af8dbe92f875200ff6604674f1541</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>c2a19d703b9f734da8f85b2caf12a38a47077938753222355897012fa570f87e906203a9a8bca0c66cbd2579d7e0c1f2df2132a150f4891819e8246a71b6190d</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/233e29773d33eec0dcb43eb133d4595735e98d83cbf59d2533f1a88e286dcabe
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Artemis
|
Artemis
|
||||||
a variant of Linux/Mirai.CGA
|
a variant of Linux/Mirai.CGA
|
||||||
|
@ -34,3 +58,4 @@ Trojan.Linux.Mirai.cad
|
||||||
Trojan.Linux.Mirai.K!c
|
Trojan.Linux.Mirai.K!c
|
||||||
TROJ_GEN.R002C0DFD24
|
TROJ_GEN.R002C0DFD24
|
||||||
Unix.Trojan.Mirai-9950938-0
|
Unix.Trojan.Mirai-9950938-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>836141ff2bacfb24243b2a7dd9ab535b</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>88db296aeec228756dd7854d7d88e412a98331e2</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>b5e99d3bf005a41bf1db8048484929ff06a3510f9f9146ff68560e17e56dd3f0a3f990ccea67d5821f261987141844f0358d95de5be655c9197214892152c622</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/43e4589a894146664907f21c8817d16b02d353d0d9af02bd8db67c21891b8c08
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Mirai.BR
|
a variant of Linux/Mirai.BR
|
||||||
Backdoor.Linux.ckja
|
Backdoor.Linux.ckja
|
||||||
|
@ -22,3 +46,4 @@ Trojan.Linux.Mirai.K!c
|
||||||
Trojan.Mirai.fmuckw
|
Trojan.Mirai.fmuckw
|
||||||
Trojan:Win32/Mirai!ml
|
Trojan:Win32/Mirai!ml
|
||||||
Unix.Malware.Agent-6885382-0
|
Unix.Malware.Agent-6885382-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>cadc906c5123702e80d8047cabc77170</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>a4e4f736200d84284d67bc41361638ff43f0e99d</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>04e43ef9e24f050a2e1223bbcf3f20bac34913d1425929232fd1bf3e4a3f5e5bbc3dac60c0026682be5540a05cfc72d15c123fd5cc5a41636d517b7c1811d3d8</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Gafgyt.AXI
|
a variant of Linux/Gafgyt.AXI
|
||||||
Backdoor.Linux.Mirai.wan
|
Backdoor.Linux.Mirai.wan
|
||||||
|
@ -29,3 +53,4 @@ Trojan.Linux.Mirai.K!c
|
||||||
Trojan:Linux/Multiverze
|
Trojan:Linux/Multiverze
|
||||||
Trojan.Malware.121218.susgen
|
Trojan.Malware.121218.susgen
|
||||||
Unix.Trojan.DarkNexus-7679166-0
|
Unix.Trojan.DarkNexus-7679166-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>e62089b51f3b485b891359accdb11bdc</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>acbe528883175ce934df4edd4fff045a0e2d2d8f</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>7bea4517cfbc816db778296f17c414cf93da4182c014678e214685733fd275401893344277f2d826965c4908c77c1136d53f6a76ff0e3b5d2250c19be9ccaf50</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/6420f5d7d48b75d687b8356e93c82721bb536c633d773f8985f74c8977425f04
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Artemis!Trojan
|
Artemis!Trojan
|
||||||
Detected
|
Detected
|
||||||
|
@ -28,3 +52,4 @@ Static AI - Suspicious ELF
|
||||||
Trojan[Exploit]/Linux.Agent.a
|
Trojan[Exploit]/Linux.Agent.a
|
||||||
Trojan.Gen.NPE
|
Trojan.Gen.NPE
|
||||||
Unix.Malware.Agent-7437248-0
|
Unix.Malware.Agent-7437248-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>3b580fa241f0f73f885ad9b364bef5e7</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>08534ff1a88547dd76c1948257ab7c78c2b7ab7e</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>732b628b52e25eafc4f59b7372b8c9a258366b97d50385e64231a6616a61465581213ee02e9c3ac6284022e589e110dd3e3c16d9dd0572e64430bd9d5acb6477</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Backdoor.Linux.Ganiw.H
|
Backdoor.Linux.Ganiw.H
|
||||||
Backdoor.Linux.Ganiw.H (B)
|
Backdoor.Linux.Ganiw.H (B)
|
||||||
|
@ -35,3 +59,4 @@ Trojan.Linux.Elknot.atAE
|
||||||
Trojan.Linux.Ganiw.a
|
Trojan.Linux.Ganiw.a
|
||||||
Trojan.Malware.121218.susgen
|
Trojan.Malware.121218.susgen
|
||||||
Trojan/Win32.PowerGhost.a
|
Trojan/Win32.PowerGhost.a
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>171d2a50c6d7e69281d1c3ef98d510f2</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>322db4ca435004a127acd4171cc52be9edaf5338</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>2226d1a5e9c8a2920fa8d327b53e10f135e9b30c8c3d1e7fbb3a59a51df782f106f41f60ad8140a1de4a81ef6b230418126ffb24bd75eab3c3a298ada2f58913</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/713b699c04f21000fca981e698e1046d4595f423bd5741d712fd7e0bc358c771
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Detected
|
Detected
|
||||||
E64/DCFilcdr.JVGT-
|
E64/DCFilcdr.JVGT-
|
||||||
|
@ -35,3 +59,4 @@ Trojan-Ransom.Hive
|
||||||
Trojan.Ransom.Linux.Gen
|
Trojan.Ransom.Linux.Gen
|
||||||
Trojan[Ransom]/Linux.Hive.d
|
Trojan[Ransom]/Linux.Hive.d
|
||||||
Unix.Ransomware.Deadbolt-9959009-0
|
Unix.Ransomware.Deadbolt-9959009-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>73041d7b9a93d3cda76e2a052ac02e82</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>f995852f291e2c946e15d20d020bb8e8defd317f</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>6f430874949362bf2d9d29153c0f9d0e5c53ea7bf69a44cf14c2627981d87ff0ad45fb12c26223dc33ceebf57b6113db37e347b2b4b2fa7ac037a63edc209371</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Filecoder.Sodinokibi.A
|
a variant of Linux/Filecoder.Sodinokibi.A
|
||||||
Detected
|
Detected
|
||||||
|
@ -27,3 +51,4 @@ Trojan-Ransom.Elf.REvil
|
||||||
Trojan[Ransom]/Linux.Sodin.gen
|
Trojan[Ransom]/Linux.Sodin.gen
|
||||||
Trojan.Trojan.Linux.Revil.1
|
Trojan.Trojan.Linux.Revil.1
|
||||||
Unix.Ransomware.REvil-9876132-0
|
Unix.Ransomware.REvil-9876132-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>85ed1956d405087848be7cbeded6c7e2</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>e47fa415628cccca044e4f65f125be9a0b8d4ccf</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>80c13bee730b1581d83eaef054e4f002a25a8f41ba848237f3b933a2f3530d4086833eef4a61ca41c54b01d8b10d2c0365081ef18175db5fd8acb2cf67c86130</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Backdoor[shellcode]:Linux/fackexp.A
|
Backdoor[shellcode]:Linux/fackexp.A
|
||||||
Detected
|
Detected
|
||||||
|
@ -25,3 +49,4 @@ Trojan.Gen.NPE
|
||||||
Trojan.Linux.Agent.b!c
|
Trojan.Linux.Agent.b!c
|
||||||
Trojan:Linux/Multiverze
|
Trojan:Linux/Multiverze
|
||||||
TROJ_GEN.R002C0DFD24
|
TROJ_GEN.R002C0DFD24
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>8022d0f0f16843e1c5270a7116e478e4</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>fdc75f9bce2f041f6573ccc72979a540960ff269</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>e0e7ef64719065c38d0a7658f62c0dcb81e67ed8447118250ae5834204cc9e421a1d747dfabdfb995fc61f0c4e97dd74f5ce4e149664a6ebcab5f6b2d8d5017a</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/ad69790f301c6b7cebaa84a7fecd6431e87b09526d81a3c618bdf985e08edf3b
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Gafgyt.WN
|
a variant of Linux/Gafgyt.WN
|
||||||
Backdoor.Linux.BASHLITE.SMJC11
|
Backdoor.Linux.BASHLITE.SMJC11
|
||||||
|
@ -37,3 +61,4 @@ Trojan.Linux.Gafgyt.m!c
|
||||||
Trojan/Linux.Mirai.a
|
Trojan/Linux.Mirai.a
|
||||||
Trojan.Malware.121218.susgen
|
Trojan.Malware.121218.susgen
|
||||||
Unix.Trojan.Tsunami-6981155-0
|
Unix.Trojan.Tsunami-6981155-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>620159aa1a28e52afed78cbf1deaca78</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>23b8a650e38ed2af0eee9792e0e705c1851ac0da</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>ca285004e4e1ab0ad62659a5bda68023c4042e76d8543d34e4eec005e188ad7602d02acc0c9611d1952f20c8986b67706e66551569e8f8d5efb04c737d522569</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Artemis!Trojan
|
Artemis!Trojan
|
||||||
a variant of Linux/Exploit.Ptrace.F
|
a variant of Linux/Exploit.Ptrace.F
|
||||||
|
@ -29,3 +53,4 @@ Trojan.Exploit.Linux.Local.G (B)
|
||||||
Troj/ExpPtr-Gen
|
Troj/ExpPtr-Gen
|
||||||
TROJ_Generic
|
TROJ_Generic
|
||||||
Unix.Malware.Agent-7437260-0
|
Unix.Malware.Agent-7437260-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>7eea3513ae50fe2e1d88c91936831b4e</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>46ac7dcf5566ca4a6eadfdead34ea290ab23fc29</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>90d23fc3bab46009b0c57119b28764aef6a20fe591597c292878be2d08b8bf93ef309319a141c1c40131cc797211ae1fa40c77c9e67ca644693f771f99abe815</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/bc70f90946d19b022fae8740cd3d5b349da29d1b3353cc01c3192ba0ba48ae79
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Mirai.A
|
a variant of Linux/Mirai.A
|
||||||
Backdoor.Linux.cvfs
|
Backdoor.Linux.cvfs
|
||||||
|
@ -28,3 +52,4 @@ Trojan.Linux.Generic.DFB7F
|
||||||
Trojan.Linux.Mirai
|
Trojan.Linux.Mirai
|
||||||
Trojan.Linux.Mirai.K!c
|
Trojan.Linux.Mirai.K!c
|
||||||
Unix.Malware.Agent-6974494-0
|
Unix.Malware.Agent-6974494-0
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>818f3611e82adae2f5577cc2beda13c2</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>c9dc95d735fb4f3af183b3118e44d337c3f4b1ba</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>d18e3a7a7af77243f764e06180ebb3cc19c263fd65073ab238dbbd8c0da0d658c3e2863ef3c8e92a0a692c5eb61ed7280b5810375e2b945ecd3e3522481be91d</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/d14544d70f8193d9369020701d02a028408646cfd432e344da98c93ceaaa5e87
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Backdoor.Linux.ayjk
|
Backdoor.Linux.ayjk
|
||||||
Backdoor.Linux.Mirai
|
Backdoor.Linux.Mirai
|
||||||
|
@ -17,3 +41,4 @@ Trojan.GenericKD.34055387 (B)
|
||||||
Trojan.Gen.NPE
|
Trojan.Gen.NPE
|
||||||
Trojan.Linux.Generic.4!c
|
Trojan.Linux.Generic.4!c
|
||||||
Trojan.Mirai.Linux.77146
|
Trojan.Mirai.Linux.77146
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>bc5420177b32242d5de286662258639d</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>91593d3f07b3c13790ecf98daaaae0cdac800f2f</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>0ad3c97a0ed49b8ccfaa2047ce90ce92ea2e6a4cfb3385e117cd759134ea09867c65d5b6bc81e47f94728daf07a93da8547bb37da47e877d624664dbd87f6f57</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/d7df995dd45d5498770389d9e85064cdaa12f623ae9a22b6c61966c70eee5161
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Packed.Obfuscated.B suspicious
|
a variant of Linux/Packed.Obfuscated.B suspicious
|
||||||
Backdoor.Sliver!1.FCA0 (CLOUD)
|
Backdoor.Sliver!1.FCA0 (CLOUD)
|
||||||
|
@ -26,3 +50,4 @@ Trojan.Linux.Sliver.4!c
|
||||||
TROJ_GEN.R002H09FP24
|
TROJ_GEN.R002H09FP24
|
||||||
Unix.Malware.Sliver-10012938-0
|
Unix.Malware.Sliver-10012938-0
|
||||||
Win32.Trojan.Malgo.Ximw
|
Win32.Trojan.Malgo.Ximw
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>e97790c1200e6d5c8f4eed64f1736a5d</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>8df8579b3303221b0aa9955f0e11ab6d24525a1a</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>0cb76a4ac2c5787282f31bed1a0a2599258d85890d60cc6a1538548f304b56668840295b99d862a721baa3309e7dc3366b2dbd2819ed39900cc2165dc23a7f70</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Backdoor.Linux.Ganiw.a
|
Backdoor.Linux.Ganiw.a
|
||||||
Backdoor.Linux.Ganiw.H
|
Backdoor.Linux.Ganiw.H
|
||||||
|
@ -37,3 +61,4 @@ Trojan.Linux.Ganiw.a
|
||||||
Trojan.Malware.121218.susgen
|
Trojan.Malware.121218.susgen
|
||||||
Trojan.U.Gen.tr
|
Trojan.U.Gen.tr
|
||||||
Trojan/Win32.PowerGhost.a
|
Trojan/Win32.PowerGhost.a
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>7b1aec339bee5beed674c8cb576bb881</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>28cc31a46db6970ded6900cc3d6a51c0cb068702</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>08867041b15afdfc586eb3b872859deed5c5b2c8abcdd500db04a0b7a190bf9657e1c6a2f184ec6ec7ed6c5e847235da46459b7896053414ff669138442ac2eb</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/e59dd13dc8dbb2c9e3612c6f1188622067ed388f6248567c56479d1677c79e5b
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/Tsunami.NCD
|
a variant of Linux/Tsunami.NCD
|
||||||
Backdoor.BDS/Katien.R
|
Backdoor.BDS/Katien.R
|
||||||
|
@ -35,3 +59,4 @@ Trojan.Linux.Mirai
|
||||||
Trojan/Linux.Tsunami.a
|
Trojan/Linux.Tsunami.a
|
||||||
Trojan.Linux.Tsunami.m!c
|
Trojan.Linux.Tsunami.m!c
|
||||||
Win.Trojan.Tsunami-5
|
Win.Trojan.Tsunami-5
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>5e4092a39ab18cf9829f87b6d1310f0b</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>c2f14ce4d1a840a8dc84240cd023968e7250d85d</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>6f4d6c7e4e0eff77a02285fbdd3aa602d4d762d50909a4a6cd83098af80fb34f2b2abdba783a88031a759b3a718e0433626e586782afedf5e228467d94e60fe9</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/e89b79c039776ff64e4979a80fa95c020161a98f8cb434fbfd09f409ba73bd9e
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
Adware/Miner
|
Adware/Miner
|
||||||
Application.Linux.Generic.23454
|
Application.Linux.Generic.23454
|
||||||
|
@ -28,3 +52,4 @@ Riskware.Linux.BitCoinMiner.1!c
|
||||||
Trojan.Gen.NPE
|
Trojan.Gen.NPE
|
||||||
Trojan:Linux/CoinMiner
|
Trojan:Linux/CoinMiner
|
||||||
TROJ_GEN.R002C0DF524
|
TROJ_GEN.R002C0DF524
|
||||||
|
|
||||||
|
|
|
@ -1,4 +1,28 @@
|
||||||
# Detection Names
|
|
||||||
|
# Sample Information
|
||||||
|
|
||||||
|
<table>
|
||||||
|
<tr>
|
||||||
|
<td><b>md5</b></td>
|
||||||
|
<td>0017f7b913ce66e4d80f7e78cf830a2b</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha1</b></td>
|
||||||
|
<td>f1bf775746a5c882b9ec003617b2a70cf5a5b029</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha256</b></td>
|
||||||
|
<td>fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73</td>
|
||||||
|
</tr>
|
||||||
|
<tr>
|
||||||
|
<td><b>sha512</b></td>
|
||||||
|
<td>ff5dd28ba3f5ce1f85f85fa9b65f9f30fbd300f2ca238cb2713da7077b7a0a8ff094cff4d7de9381726925abdd9ea065fa75ccd02fa5a816b71a6f91479363c1</td>
|
||||||
|
</tr>
|
||||||
|
</table>
|
||||||
|
|
||||||
|
VirusTotal: https://www.virustotal.com/gui/file/fa0defdabd9fd43fe2ef1ec33574ea1af1290bd3d763fdb2bed443f2bd996d73
|
||||||
|
|
||||||
|
## Detection Names
|
||||||
|
|
||||||
a variant of Linux/BpfDoor.B
|
a variant of Linux/BpfDoor.B
|
||||||
Backdoor.BPFDoor/Linux!1.EF16 (CLASSIC)
|
Backdoor.BPFDoor/Linux!1.EF16 (CLASSIC)
|
||||||
|
@ -37,3 +61,4 @@ Trojan.Linux.Generic.186585 (B)
|
||||||
Trojan.Linux.Generic.D2D8D9
|
Trojan.Linux.Generic.D2D8D9
|
||||||
Trojan:Linux/LinuxAgent
|
Trojan:Linux/LinuxAgent
|
||||||
Unix.Backdoor.RedMenshen-9950338-1
|
Unix.Backdoor.RedMenshen-9950338-1
|
||||||
|
|
||||||
|
|