# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.revil/sodinokibi</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>73041d7b9a93d3cda76e2a052ac02e82</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>f995852f291e2c946e15d20d020bb8e8defd317f</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>6f430874949362bf2d9d29153c0f9d0e5c53ea7bf69a44cf14c2627981d87ff0ad45fb12c26223dc33ceebf57b6113db37e347b2b4b2fa7ac037a63edc209371</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

a variant of Linux/Filecoder.Sodinokibi.A  
Detected  
E64/ABRansom.YAVB-  
ELF:Filecoder-BN [Trj]  
Gen:Variant.Trojan.Linux.Revil.1  
Gen:Variant.Trojan.Linux.Revil.1 (B)  
HEUR:Trojan-Ransom.Linux.Agent.z  
Linux.Encoder.92  
Linux/Ransm-K  
Linux.RansomSodinokibi  
Linux.Ransomware.Sodinokibi  
LINUX/Sodinokibi.a  
LINUX/Sodinokibi.G  
Linux.Trojan-Ransom.Agent.Pqil  
Malicious (score: 99)  
malware (ai score=84)  
Malware.LINUX/Sodinokibi.G  
Ransom:Linux/MoneyMessage.K!MTB  
Ransom.Linux.SODINOKIBI.SMYXCFL  
Ransom.Sodinokibi/Linux!1.D7B7 (CLASSIC)  
Ransomware:Linux/Revil.3e7c0b8a  
Static AI - Suspicious ELF  
Trojan.Generic.gyagl  
Trojan-Ransom.Elf.REvil  
Trojan[Ransom]/Linux.Sodin.gen  
Trojan.Trojan.Linux.Revil.1  
Unix.Ransomware.REvil-9876132-0