× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2353811fdeb649dd0b62dbb59c249a78d0b547a2b6948ecec73d94535c8678f9
File name: zbetcheckin_tracker_rift.arm5
Detection ratio: 18 / 54
Analysis date: 2019-03-14 22:16:01 UTC ( 1 month ago ) View latest
Antivirus Result Update
AhnLab-V3 Linux/Mirai.Gen8 20190314
Antiy-AVL Trojan[Backdoor]/Linux.Mirai.ba 20190314
Avast ELF:Hajime-Q [Trj] 20190314
Avast-Mobile ELF:Mirai-UM [Trj] 20190314
AVG ELF:Hajime-Q [Trj] 20190314
ClamAV Unix.Trojan.Gafgyt-6735924-0 20190314
DrWeb Linux.Mirai.2170 20190314
ESET-NOD32 a variant of Linux/Mirai.DG 20190314
Fortinet ELF/Mirai.AT!tr 20190314
GData Linux.Trojan.Mirai.J 20190314
Jiangmin Backdoor.Linux.cmxq 20190314
Kaspersky HEUR:Backdoor.Linux.Mirai.ba 20190314
McAfee Linux/Mirai.g 20190314
McAfee-GW-Edition Linux/Mirai.g 20190314
Sophos AV Linux/DDoS-CI 20190314
TrendMicro-HouseCall Trojan.Linux.MIRAI.SMMR1 20190314
Zillya Backdoor.Mirai.Linux.53751 20190314
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.ba 20190314
Acronis 20190313
Ad-Aware 20190314
AegisLab 20190314
Alibaba 20190306
ALYac 20190314
Arcabit 20190314
Avira (no cloud) 20190314
Babable 20180918
Baidu 20190306
BitDefender 20190314
Bkav 20190314
CAT-QuickHeal 20190314
CMC 20190314
Comodo 20190314
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
Cyren 20190314
eGambit 20190314
Emsisoft 20190314
Endgame 20190215
F-Secure 20190314
Ikarus 20190314
Sophos ML 20190313
K7AntiVirus 20190314
K7GW 20190314
Kingsoft 20190314
Malwarebytes 20190314
MAX 20190314
Microsoft 20190314
eScan 20190314
NANO-Antivirus 20190314
Palo Alto Networks (Known Signatures) 20190314
Panda 20190314
Qihoo-360 20190314
Rising 20190314
SentinelOne (Static ML) 20190311
SUPERAntiSpyware 20190314
Symantec Mobile Insight 20190220
TACHYON 20190314
Tencent 20190314
TheHacker 20190308
TotalDefense 20190314
Trapmine 20190301
Trustlook 20190314
VBA32 20190314
ViRobot 20190314
Yandex 20190314
Zoner 20190314
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 6
Section headers 18
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.hash
.dynsym
.dynstr
.rel.plt
.init
.plt
.text
.fini
.rodata
.ctors
.dtors
.dynamic
.got
.data
.bss
.dynamic
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 3a0a93e050ff33844e18d457727771e8
SHA1 0da0044b485d63b99f86632999588618d5c9d55e
SHA256 2353811fdeb649dd0b62dbb59c249a78d0b547a2b6948ecec73d94535c8678f9
ssdeep
3072:ZhPselxt4WXhPdhPIhPZD9ZTFVJaSpClku23FLhPYB5we1:Zyelx/7ObDzFV3vnLMw

File size 174.9 KB ( 179108 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, dynamically linked (uses shared libs), stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-03-14 22:16:01 UTC ( 1 month ago )
Last submission 2019-03-14 22:16:01 UTC ( 1 month ago )
File names zbetcheckin_tracker_rift.arm5
rift.arm5
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!