qjerome
b2895c367e
Reviewed-on: #3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu>
# Sample Information

<table>
<tr>
<td><b>VirusTotal Threat Label</b></td>
<td><b><span style="color: red">unknown</span></b></td>
</tr>
<tr>
<td><b>md5</b></td>
<td>3b580fa241f0f73f885ad9b364bef5e7</td>
</tr>
<tr>
<td><b>sha1</b></td>
<td>08534ff1a88547dd76c1948257ab7c78c2b7ab7e</td>
</tr>
<tr>
<td><b>sha256</b></td>
<td>6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6</td>
</tr>
<tr>
<td><b>sha512</b></td>
<td>732b628b52e25eafc4f59b7372b8c9a258366b97d50385e64231a6616a61465581213ee02e9c3ac6284022e589e110dd3e3c16d9dd0572e64430bd9d5acb6477</td>
</tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/6ebf51d169240f1c233aaf49da07005eca3529ae4c9b19b9de78f906ad7527a6

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

Backdoor.Linux.Ganiw.H
Backdoor.Linux.Ganiw.H (B)
Backdoor/Linux.ii
Backdoor:Linux/Setag.A
Backdoor.Setag/Linux!1.A3E5 (CLASSIC)
Backdoor.Win32.S.Agent.1135000.U
Detected
Downloader.OpenConnection.JS.100251
E32/Setag.B
ELF:Elknot-AE [Trj]
ELF/Setag.B!tr
ELF_SETAG.SM
EXP/ELF.Backdoor.Setag.cc.e
Exploit.EXP/ELF.Backdoor.Setag.cc.e
HEUR:Backdoor.Linux.Ganiw.d
Legacy.Trojan.Agent-1388639
Linux/Agent.A
Linux/Backdoor.1135000
Linux.BackDoor.Gates.9
Linux.BackDoor.Gates.G
Linux.Chikdos.B!gen2
Linux/DDoS-BD
Linux/Setag.B.Gen
Linux.Trojan.Ganiw
Linux.Trojan.Siggen.D
Malicious (score: 99)
Malware@#2hph1ko0peawr
malware (ai score=100)
Static AI - Malicious ELF
Trojan.Elf32.Ganiw.dirahp
Trojan.Linux.Agent
Trojan.Linux.Elknot.atAE
Trojan.Linux.Ganiw.a
Trojan.Malware.121218.susgen
Trojan/Win32.PowerGhost.a