malware-dataset/linux/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7/README.md
qjerome b2895c367e wip-embed-analysis-svg (#3)
Reviewed-on: #3
Co-authored-by: qjerome <quentin.jerome@circl.lu>
Co-committed-by: qjerome <quentin.jerome@circl.lu>
2024-07-02 14:18:24 +00:00

# Sample Information
<table>
<tr>
<td><b>VirusTotal Threat Label</b></td>
<td><b><span style="color: red">trojan.revil/sodinokibi</span></b></td>
</tr>
<tr>
<td><b>md5</b></td>
<td>73041d7b9a93d3cda76e2a052ac02e82</td>
</tr>
<tr>
<td><b>sha1</b></td>
<td>f995852f291e2c946e15d20d020bb8e8defd317f</td>
</tr>
<tr>
<td><b>sha256</b></td>
<td>776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7</td>
</tr>
<tr>
<td><b>sha512</b></td>
<td>6f430874949362bf2d9d29153c0f9d0e5c53ea7bf69a44cf14c2627981d87ff0ad45fb12c26223dc33ceebf57b6113db37e347b2b4b2fa7ac037a63edc209371</td>
</tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/776ea636ee33aab6b2db5f46889b027c297280db37400efb091e0d4a9001a7d7

## Analysis
![analysis](analysis/sample.svg)
## Detection Names
- a variant of Linux/Filecoder.Sodinokibi.A
- Detected
- E64/ABRansom.YAVB-
- ELF:Filecoder-BN [Trj]
- Gen:Variant.Trojan.Linux.Revil.1
- Gen:Variant.Trojan.Linux.Revil.1 (B)
- HEUR:Trojan-Ransom.Linux.Agent.z
- Linux.Encoder.92
- Linux/Ransm-K
- Linux.RansomSodinokibi
- Linux.Ransomware.Sodinokibi
- LINUX/Sodinokibi.a
- LINUX/Sodinokibi.G
- Linux.Trojan-Ransom.Agent.Pqil
- Malicious (score: 99)
- malware (ai score=84)
- Malware.LINUX/Sodinokibi.G
- Ransom:Linux/MoneyMessage.K!MTB
- Ransom.Linux.SODINOKIBI.SMYXCFL
- Ransom.Sodinokibi/Linux!1.D7B7 (CLASSIC)
- Ransomware:Linux/Revil.3e7c0b8a
- Static AI - Suspicious ELF
- Trojan.Generic.gyagl
- Trojan-Ransom.Elf.REvil
- Trojan[Ransom]/Linux.Sodin.gen
- Trojan.Trojan.Linux.Revil.1
- Unix.Ransomware.REvil-9876132-0