Found here:
[1] https://detux.org/report.php?sha256=96a ... 8c9b15c75f
[2] https://detux.org/report.php?sha256=2d5 ... 3e0f9c6112
VT ratio: 0/56
[3] https://www.virustotal.com/en/file/96a8 ... 493205438/
VT ratio: 0/56
[4] https://virustotal.com/ru/file/2d50db92 ... 493205450/
Due to code, it uses mechanism, described in 13-th paragraph: http://seclists.org/bugtraq/2016/Oct/26
Zyarinig name was given by KasperskyLab: HEUR:Backdoor.Linux.Zyarinig.a.
[1] https://detux.org/report.php?sha256=96a ... 8c9b15c75f
[2] https://detux.org/report.php?sha256=2d5 ... 3e0f9c6112
VT ratio: 0/56
[3] https://www.virustotal.com/en/file/96a8 ... 493205438/
VT ratio: 0/56
[4] https://virustotal.com/ru/file/2d50db92 ... 493205450/
Due to code, it uses mechanism, described in 13-th paragraph: http://seclists.org/bugtraq/2016/Oct/26
Zyarinig name was given by KasperskyLab: HEUR:Backdoor.Linux.Zyarinig.a.
