qjerome
b2895c367e
Reviewed-on: #3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu>
62 lines
1.5 KiB
Markdown
# Sample Information

<table>
<tr>
<td><b>VirusTotal Threat Label</b></td>
<td><b><span style="color: red">unknown</span></b></td>
</tr>
<tr>
<td><b>md5</b></td>
<td>620159aa1a28e52afed78cbf1deaca78</td>
</tr>
<tr>
<td><b>sha1</b></td>
<td>23b8a650e38ed2af0eee9792e0e705c1851ac0da</td>
</tr>
<tr>
<td><b>sha256</b></td>
<td>b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5</td>
</tr>
<tr>
<td><b>sha512</b></td>
<td>ca285004e4e1ab0ad62659a5bda68023c4042e76d8543d34e4eec005e188ad7602d02acc0c9611d1952f20c8986b67706e66551569e8f8d5efb04c737d522569</td>
</tr>
</table>

**VirusTotal**: https://www.virustotal.com/gui/file/b87ad7dba1d367c437db51045e57835f77e8d9735d5c917c6d16984fbde8a3c5

## Analysis

![analysis](analysis/sample.svg)

## Detection Names

Artemis!Trojan
a variant of Linux/Exploit.Ptrace.F
Detected
ELF:Local-AN [Expl]
EXP/Linux.Loc.G
Exploit.Elf32.Ptrace.gmrsfc
Exploit.EXP/Linux.Loc.G
Exploit.Linux.dc
Exploit.Linux.Local.g
Exploit:Linux/Local.G
Exploit.Linux.Local.V7mc
Exploit.Local.Linux.10
Exploit.Ptrace
Generic.Win32.620159aa1a!MD
Hack.Exploit.Local.b (CLASSIC)
Hacktool.Linux.Local.3!c
Hacktool.Rootkit
Linux.Exploit.Local.Gplw
Linux/Local.G!exploit
Malicious (score: 99)
Malware@#3v0p2sqqn68wd
malware (ai score=100)
Static AI - Malicious ELF
Trojan[Exploit]/Linux.Local.g
Trojan.Exploit.Linux.Local.G
Trojan.Exploit.Linux.Local.G (B)
Troj/ExpPtr-Gen
TROJ_Generic
Unix.Malware.Agent-7437260-0