Thursday, 4 June 2020

ShellShock Payload Sample Linux.Bashlet



Someone kindly shared their sample of the shellshock malware described by the Malware Must die group - you can read their analysis here:

File: fu4k_2485040231A35B7A465361FAF92A512D
Size: 152
MD5: 2485040231A35B7A465361FAF92A512


VIrustotal

SHA256: e74b2ed6b8b005d6c2eea4c761a2565cde9aab81d5005ed86f45ebf5089add81
File name: trzA114.tmp
Detection ratio: 22 / 55
Analysis date: 2014-10-02 05:12:29 UTC ( 6 hours, 50 minutes ago )
Antivirus Result Update
Ad-Aware Linux.Backdoor.H 20141002
Avast ELF:Shellshock-A [Expl] 20141002
Avira Linux/Small.152.A 20141002
BitDefender Linux.Backdoor.H 20141002
DrWeb Linux.BackDoor.Shellshock.2 20141002
ESET-NOD32 Linux/Agent.AB 20141002
Emsisoft Linux.Backdoor.H (B) 20141002
F-Secure Linux.Backdoor.H 20141001
Fortinet Linux/Small.CU!tr 20141002
GData Linux.Backdoor.H 20141002
Ikarus Backdoor.Linux.Small 20141002
K7AntiVirus Trojan ( 0001140e1 ) 20141001
K7GW Trojan ( 0001140e1 ) 20141001
Kaspersky Backdoor.Linux.Small.cu 20141001
MicroWorld-eScan Linux.Backdoor.H 20141002
Qihoo-360 Trojan.Generic 20141002
Sophos Linux/Bdoor-BGG 20141002
Symantec Linux.Bashlet 20141002
Tencent Win32.Trojan.Gen.Vdat 20141002
TrendMicro ELF_BASHLET.A 20141002
TrendMicro-HouseCall ELF_BASHLET.A 20141002
nProtect Linux.Backdoor.H 20141001
More info

No comments:

Post a Comment