× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2356c1d64995ee825c728957f7428543101c3271ac46e78ce2c98278a4480e4d
File name: 9c677dd17279a43325556ec5662feba0
Detection ratio: 32 / 52
Analysis date: 2019-02-27 08:08:11 UTC ( 3 weeks, 6 days ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Mirai.ARW 20190227
ALYac Backdoor.Linux.Mirai 20190227
Antiy-AVL Trojan[Backdoor]/Linux.Mirai.y 20190227
Arcabit Trojan.Linux.Mirai.ARW 20190227
Avast ELF:Gafgyt-HR [Trj] 20190227
Avast-Mobile ELF:Mirai-GA [Trj] 20190227
AVG ELF:Gafgyt-HR [Trj] 20190227
Avira (no cloud) LINUX/Mirai.shppx 20190227
BitDefender Trojan.Linux.Mirai.ARW 20190227
CAT-QuickHeal BackDoor.Linux.5070.GC 20190225
ClamAV Unix.Malware.Agent-6707884-0 20190227
Cyren ELF/Trojan.ILWX-8 20190227
DrWeb Linux.Mirai.943 20190227
Emsisoft Trojan.Linux.Mirai.ARW (B) 20190227
ESET-NOD32 Linux/Mirai.AV 20190227
Fortinet Linux/Mirai.Y!tr.bdr 20190227
GData Trojan.Linux.Mirai.ARW 20190227
Ikarus Linux.Mirai 20190227
Jiangmin Backdoor.Linux.akzj 20190227
Kaspersky HEUR:Backdoor.Linux.Mirai.y 20190227
MAX malware (ai score=98) 20190227
McAfee Linux/BackDoor-Mirai 20190227
McAfee-GW-Edition Linux/BackDoor-Mirai 20190227
Microsoft Backdoor:Linux/Mirai!rfn 20190227
eScan Trojan.Linux.Mirai.ARW 20190227
NANO-Antivirus Trojan.Elf32.Mirai.exaime 20190227
Qihoo-360 Win32/Trojan.be8 20190227
Sophos AV Linux/DDoS-CI 20190227
Symantec Linux.Mirai 20190227
Tencent Backdoor.Linux.Mirai.c 20190227
ViRobot Linux.S.Mirai.50980 20190227
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.y 20190227
Acronis 20190222
AegisLab 20190227
AhnLab-V3 20190227
Alibaba 20180921
Babable 20180918
Baidu 20190215
CMC 20190227
Comodo 20190227
CrowdStrike Falcon (ML) 20190212
Cybereason 20190109
eGambit 20190227
Endgame 20190215
F-Secure 20190227
Sophos ML 20181128
K7AntiVirus 20190227
K7GW 20190227
Kingsoft 20190227
Malwarebytes 20190227
Palo Alto Networks (Known Signatures) 20190227
Panda 20190227
SentinelOne (Static ML) 20190203
SUPERAntiSpyware 20190220
Symantec Mobile Insight 20190220
TACHYON 20190227
TheHacker 20190225
TotalDefense 20190227
Trapmine 20190123
Trustlook 20190227
VBA32 20190227
VIPRE 20190225
Webroot 20190227
Yandex 20190226
Zoner 20190227
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on <unknown> machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture <unknown>
Object file version 0x1
Program headers 8
Section headers 22
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.hash
.dynsym
.dynstr
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.dynamic
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
Segment without sections
.ctors
.dtors
.dynamic
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (93)

Compressed bundles
File identification
MD5 9c677dd17279a43325556ec5662feba0
SHA1 1d8e664214ef308311ae7ec1422a0dd2d2ef43ca
SHA256 2356c1d64995ee825c728957f7428543101c3271ac46e78ce2c98278a4480e4d
ssdeep
768:bO2Xq2qUgP/Du4I7/q2ZkxuxGqMVLBPQFAiZ+YiuoJbWkswm9NrE241Qy56tDP:a1zn3DufxZkMxGqMVL+miZ+D0pC4tDP

File size 49.8 KB ( 50980 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARC Cores Tangent-A5, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 4.8.0, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2018-01-14 18:32:50 UTC ( 1 year, 2 months ago )
Last submission 2019-01-25 18:06:45 UTC ( 2 months ago )
File names 9c677dd17279a43325556ec5662feba0.virus
ARC-okiru
9c677dd17279a43325556ec5662feba0
9c677dd17279a43325556ec5662feba0
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!