× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 28dd058a1a7f4e76384921927794fadff7f3b06585f648c2bdca8436ddbe4663
File name: tty2.loonysquad.elf.mmd
Detection ratio: 7 / 54
Analysis date: 2016-02-13 21:34:00 UTC ( 1 year, 11 months ago ) View latest
Antivirus Result Update
AegisLab Backdoor.Linux.Tsunami!c 20160213
AVG Linux/Tsunami.CY 20160213
ESET-NOD32 Linux/Tsunami.NGH 20160213
Fortinet PossibleThreat.P0 20160213
Kaspersky HEUR:Backdoor.Linux.Tsunami.bj 20160213
Qihoo-360 Win32/Backdoor.ce6 20160213
Sophos AV Mal/Generic-S 20160213
Ad-Aware 20160213
Yandex 20160213
AhnLab-V3 20160213
Alibaba 20160204
ALYac 20160213
Antiy-AVL 20160211
Arcabit 20160213
Avast 20160213
Avira (no cloud) 20160213
Baidu-International 20160213
BitDefender 20160213
Bkav 20160204
ByteHero 20160213
CAT-QuickHeal 20160213
ClamAV 20160213
CMC 20160205
Comodo 20160213
Cyren 20160213
DrWeb 20160213
Emsisoft 20160213
F-Prot 20160213
F-Secure 20160213
GData 20160213
Ikarus 20160213
Jiangmin 20160213
K7AntiVirus 20160213
K7GW 20160213
Malwarebytes 20160213
McAfee 20160213
McAfee-GW-Edition 20160213
Microsoft 20160213
eScan 20160213
NANO-Antivirus 20160213
nProtect 20160212
Panda 20160213
Rising 20160213
SUPERAntiSpyware 20160213
Symantec 20160213
Tencent 20160213
TheHacker 20160213
TrendMicro 20160213
TrendMicro-HouseCall 20160213
VBA32 20160212
VIPRE 20160213
ViRobot 20160213
Zillya 20160213
Zoner 20160213
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on <unknown> machines.
ELF Header
Class ELF32
Data 2's complement, big endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture <unknown>
Object file version 0x1
Program headers 2
Section headers 0
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Big endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
PowerPC

File identification
MD5 1fc27da0273ce9245d179b9b7f30cd7f
SHA1 7b3e7e3f5a340d6d52f8267145aa3807d92695ab
SHA256 28dd058a1a7f4e76384921927794fadff7f3b06585f648c2bdca8436ddbe4663
ssdeep
768:dylohWa6x20EQTuuXHV6HK68EQGlZqYL79RN10esWLYXp/Ttwu9SvyaWxw:dyKA8rQyuXHV6HK6fZqYFRL0esWLYXp4

File size 40.1 KB ( 41112 bytes )
File type ELF
Magic literal
ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf via-tor

VirusTotal metadata
First submission 2016-02-11 09:26:30 UTC ( 1 year, 11 months ago )
Last submission 2016-02-24 16:53:06 UTC ( 1 year, 10 months ago )
File names 7b3e7e3f5a340d6d52f8267145aa3807d92695ab_tty2
tty2
tty2.loonysquad.elf.mmd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!