Summary | ZeroBOX

Category	Machine	Started	Completed
FILE	s1_win7_x6401	April 10, 2024, 1:42 p.m.	April 10, 2024, 1:42 p.m.

Size	535.8KB
Type	ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, stripped
MD5	`694a672878a1f7945c020a0a3ca74367`
SHA256	`75bfd448e4274cc4e5804c43768f62a36ccb3fc3b1df06e14d9c892daa2cde19`
CRC32	`E84698BC`
ssdeep	`12288:4Ufrcn+vwK5ripVU4tdZ1pNL/pVbzP66ySjQn36Eoj:/fUywKQ7Fb1pNL/p5PfjQn36Eu`
Yara	IsELF - Executable and Linking Format executable file (Linux/Unix)

Name	Response	Post-Analysis Lookup
No hosts contacted.

IP Address	Status	Action
No hosts contacted.

No Suricata Alerts

No Suricata TLS

Lionic	Trojan.Linux.Xorddos.9!c
Elastic	Linux.Trojan.Xorddos
ClamAV	Unix.Malware.Xorddos-9856891-0
Skyhigh	Linux/DDoS-Xor.A
ALYac	Trojan.Linux.Generic.251253
VIPRE	Trojan.Linux.Generic.251253
Sangfor	Suspicious.Linux.Save.a
Arcabit	Trojan.Linux.Generic.D3D575
Symantec	Trojan.Gen.NPE
ESET-NOD32	a variant of Linux/Xorddos.C
TrendMicro-HouseCall	ELF_XORDDOS.SM
McAfee	Linux/DDoS-Xor.A
Avast	ELF:DDOSAgent-AP [Trj]
Cynet	Malicious (score: 99)
Kaspersky	HEUR:Trojan-DDoS.Linux.Xarcen.a
BitDefender	Trojan.Linux.Generic.251253
MicroWorld-eScan	Trojan.Linux.Generic.251253
Rising	Trojan.XorDDoS/Linux!1.A3E4 (CLASSIC)
Emsisoft	Trojan.Linux.Generic.251253 (B)
F-Secure	Trojan.TR/ELF.DDoS.Xor.b
DrWeb	Linux.Siggen.9999
Zillya	Trojan.Xorddos.Linux.93
TrendMicro	ELF_XORDDOS.SM
FireEye	Trojan.Linux.Generic.251253
Sophos	Linux/DDoS-BH
Ikarus	Trojan.Linux.Xorddos
Jiangmin	TrojanDDoS.Linux.qd
Google	Detected
Avira	TR/ELF.DDoS.Xor.b
MAX	malware (ai score=83)
Antiy-AVL	Trojan[DDoS]/Linux.Xarcen.a
Kingsoft	Linux.Trojan-DDoS.Xarcen.a
Microsoft	DoS:Linux/Xorddos.A
ZoneAlarm	HEUR:Trojan-DDoS.Linux.Xarcen.a
GData	Trojan.Linux.Generic.251253
Varist	E32/Xorddos.A.gen!Camelot
AhnLab-V3	Backdoor/Linux.Xorddos.548565
Tencent	Trojan.Linux.Xarcen.c
SentinelOne	Static AI - Malicious ELF
Fortinet	ELF/DDoS.A!tr
AVG	ELF:DDOSAgent-AP [Trj]
alibabacloud	DDoS:Linux/XorDDoS

1.txt