qjerome
b2895c367e
Reviewed-on: #3 Co-authored-by: qjerome <quentin.jerome@circl.lu> Co-committed-by: qjerome <quentin.jerome@circl.lu>
64 lines
1.5 KiB
Markdown
64 lines
1.5 KiB
Markdown
# Sample Information
|
|
|
|
<table>
|
|
<tr>
|
|
<td><b>VirusTotal Threat Label</b></td>
|
|
<td><b><span style="color: red">unknown</span></b></td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>md5</b></td>
|
|
<td>a0e1c1e0a2c5cdc8af60beda2b581ee1</td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>sha1</b></td>
|
|
<td>555c3d3b9ca1010ccfa9533487e264ad7fe34ecd</td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>sha256</b></td>
|
|
<td>17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c</td>
|
|
</tr>
|
|
<tr>
|
|
<td><b>sha512</b></td>
|
|
<td>3492b67643a97e7dd607f4d4edc97a36380ed2a85f87fba3ff3e817debff7aa7ad84f7ea884b3340fefe3b0ab37327b789640d3fa6ef1f40acd3b195306a414b</td>
|
|
</tr>
|
|
</table>
|
|
|
|
**VirusTotal**: https://www.virustotal.com/gui/file/17d8569d683f39d71f051cc0d2d33a662e549635cd74460c72ba1e49224bc35c
|
|
|
|
## Analysis
|
|
|
|
![analysis](analysis/sample.svg)
|
|
|
|
## Detection Names
|
|
|
|
Artemis!Trojan
|
|
Backdoor.linux.ganiw.h
|
|
Backdoor/Linux.ku
|
|
Backdoor.Linux.Tsunami.CK
|
|
Backdoor.Linux.Tsunami.CK (B)
|
|
Backdoor.Setag/Linux!1.A3E5 (CLOUD)
|
|
Detected
|
|
ELF:Elknot-AD [Cryp]
|
|
ELF/Setag.B!tr
|
|
ELF_SETAG.DM
|
|
HEUR:Backdoor.Linux.Ganiw.d
|
|
Linux.BackDoor.Gates.9
|
|
Linux.BackDoor.Gates.G
|
|
Linux.Chikdos.B!gen2
|
|
Linux/DDoS-BD
|
|
Linux/Elknot.525288
|
|
LINUX/Setag.332
|
|
Linux/Setag.B
|
|
Malicious (score: 99)
|
|
Malware@#1fpleign4a7nr
|
|
malware (ai score=100)
|
|
Malware.LINUX/Setag.332
|
|
Static AI - Malicious ELF
|
|
Suspicious.Linux.Save.a
|
|
Trojan[Backdoor]/Linux.Ganiw.d
|
|
Trojan.Elf32.Ganiw.eksrqh
|
|
Trojan.Linux.Agent
|
|
Trojan.Linux.Ganiw.m!c
|
|
Trojan:Linux/Multiverze
|
|
Trojan.Setag.Linux.79
|
|
Unix.Malware.Agent-1639378
|