qjerome
b2895c367e
Reviewed-on: #3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu>
58 lines
1.5 KiB
Markdown
# Sample Information

<table>
<tr>
<td><b>VirusTotal Threat Label</b></td>
<td><b><span style="color: red">trojan.expl/genericrxtd</span></b></td>
</tr>
<tr>
<td><b>md5</b></td>
<td>85ed1956d405087848be7cbeded6c7e2</td>
</tr>
<tr>
<td><b>sha1</b></td>
<td>e47fa415628cccca044e4f65f125be9a0b8d4ccf</td>
</tr>
<tr>
<td><b>sha256</b></td>
<td>9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05</td>
</tr>
<tr>
<td><b>sha512</b></td>
<td>80c13bee730b1581d83eaef054e4f002a25a8f41ba848237f3b933a2f3530d4086833eef4a61ca41c54b01d8b10d2c0365081ef18175db5fd8acb2cf67c86130</td>
</tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/9e70725640c4284e2049e4b25c9cc46cca496053cebf69855ec25acc9bd63e05

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

- Backdoor[shellcode]:Linux/fackexp.A
- Detected
- E64/Agent.OF
- ELF:Agent-BIN [Expl]
- ELF/TrojanGen.A
- EXP/AVI.Agent.ocayj
- Exploit.Agent
- Exploit.Agent/Linux!1.FD49 (CLASSIC)
- Exploit.EXP/AVI.Agent.ocayj
- GenericRXTD-TM!85ED1956D405
- HEUR:Trojan-Dropper.Linux.Agent.l
- Linux/Exploit.Agent.GU
- Linux.MulDrop.85
- Linux.Trojan-Dropper.Agent.l
- Linux.Trojan-Dropper.Agent.Tnkl
- Malicious (score: 99)
- TrojanDropper.Linux.ed
- Trojan[Exploit]/Linux.Agent.gen
- Trojan.Generic.36318000
- Trojan.Generic.36318000 (B)
- Trojan.Generic.D22A2B30
- Trojan.Gen.NPE
- Trojan.Linux.Agent.b!c
- Trojan:Linux/Multiverze
- TROJ_GEN.R002C0DFD24