# Sample Information

<table>
  <tr>
    <td><b>VirusTotal Threat Label</b></td>
    <td><b><span style="color: red">trojan.mirai/gafgyt</span></b></td>
  </tr>
  <tr>
    <td><b>md5</b></td>
    <td>cadc906c5123702e80d8047cabc77170</td>
  </tr>
  <tr>
    <td><b>sha1</b></td>
    <td>a4e4f736200d84284d67bc41361638ff43f0e99d</td>
  </tr>
  <tr>
    <td><b>sha256</b></td>
    <td>44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775</td>
  </tr>
  <tr>
    <td><b>sha512</b></td>
    <td>04e43ef9e24f050a2e1223bbcf3f20bac34913d1425929232fd1bf3e4a3f5e5bbc3dac60c0026682be5540a05cfc72d15c123fd5cc5a41636d517b7c1811d3d8</td>
  </tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/44c21f98d1fe78e1466ddc9dfd1113e1e416934b6a0eb2b1da0bcf27535f7775

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

a variant of Linux/Gafgyt.AXI  
Backdoor.Linux.Mirai.wan  
DDoS  
Detected  
E32/ABRisk.EROA-7  
ELF/Mirai.A!tr  
ELF/TrojanGen.A  
Exploit.CVE-2017-17215!8.1058B (TFE:17:5yO1GHIYYTK)  
HEUR:Backdoor.Linux.Mirai.b  
Linux.Backdoor.Mirai.b  
LINUX/Gafgyt.pvebx  
Linux.Siggen.9999  
Mal/Generic-S  
Malicious (score: 99)  
Malware.LINUX/Gafgyt.pvebx  
Other:Malware-gen [Trj]  
Possible_SMMODUPXA  
Suspicious.Linux.Save.a  
Trojan[Backdoor]/Linux.Gafgyt.a  
TrojanDDoS.Linux.nk  
Trojan.Generic.35965739  
Trojan.Generic.35965739 (B)  
Trojan.Generic.D224CB2B  
Trojan.Gen.NPE  
Trojan.Linux.Gafgyt  
Trojan.Linux.Mirai.K!c  
Trojan:Linux/Multiverze  
Trojan.Malware.121218.susgen  
Unix.Trojan.DarkNexus-7679166-0