ELF_ROOTKIT.DS

 Analysis by: Francis Xavier Antazo

 ALIASES:

VirTool:Linux/Agent.SH (Microsoft); Linux/Rootkit.Agent.SH (ESET); Hacktool.Rootkit (Symantec); Rootkit.Linux.Agent.sh (Kaspersky);

 PLATFORM:

Linux

 OVERALL RISK RATING:
 DAMAGE POTENTIAL:
 DISTRIBUTION POTENTIAL:
 REPORTED INFECTION:
 INFORMATION EXPOSURE:

  • Threat Type: Trojan

  • Destructiveness: No

  • Encrypted:

  • In the wild: Yes

  OVERVIEW

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

  TECHNICAL DETAILS

File Size:

93476 bytes

File Type:

ELF

Memory Resident:

Yes

Initial Samples Received Date:

01 Nov 2010

Arrival Details

This Trojan arrives on a system as a file dropped by other malware or as a file downloaded unknowingly by users when visiting malicious sites.

NOTES:

It requires certain parameters in order for it to run properly.