eset/malware-ioc

Linux/Adware.Adstantinko.B

MikhailKasimov opened this issue · 1 comment

Linux/Adware.Adstantinko.B

ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped

MD5: 762ae30efb7c40101ab33a297598f928
SHA1: e0969297f21ce3b3905ace756c427c9695cb9054

[1] https://www.virustotal.com/file/0a94e0487f01376524743196c112a50faacd4b6f8fea676d30741d09aa56595d/analysis/

Thanks for reporting the new sample.

We confirm this is a new version of the component used in their browser extension. They added control flow flattening to obfuscate it further.