× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2e2f9b9d3792918e52c38d3d2096a72b07b8e19783b76e6bc1940e3823ea30db
File name: harm6
Detection ratio: 13 / 55
Analysis date: 2019-02-09 11:40:12 UTC ( 2 months, 1 week ago ) View latest
Antivirus Result Update
Avast ELF:Mirai-ADU [Trj] 20190209
Avast-Mobile ELF:Mirai-UM [Trj] 20190209
AVG ELF:Mirai-ADU [Trj] 20190209
DrWeb Linux.Mirai.30 20190209
ESET-NOD32 a variant of Linux/Mirai.L 20190209
Fortinet ELF/Mirai.AE!tr 20190209
Kaspersky HEUR:Backdoor.Linux.Mirai.b 20190209
McAfee Linux/Mirai.f 20190209
McAfee-GW-Edition Linux/Mirai.f 20190209
Sophos AV Linux/DDoS-CIA 20190209
Symantec Linux.Mirai 20190209
Tencent Trojan.Linux.Mirai.ci 20190209
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.b 20190209
Acronis 20190208
Ad-Aware 20190209
AegisLab 20190209
AhnLab-V3 20190209
Alibaba 20180921
ALYac 20190209
Antiy-AVL 20190209
Arcabit 20190208
Avira (no cloud) 20190209
Babable 20180918
Baidu 20190202
BitDefender 20190209
Bkav 20190201
CAT-QuickHeal 20190208
ClamAV 20190209
CMC 20190209
Comodo 20190209
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190209
Cyren 20190209
eGambit 20190209
Emsisoft 20190209
Endgame 20181108
F-Prot 20190209
F-Secure 20190209
GData 20190209
Sophos ML 20181128
Jiangmin 20190209
K7AntiVirus 20190208
K7GW 20190209
Kingsoft 20190209
Malwarebytes 20190209
MAX 20190209
Microsoft 20190209
eScan 20190209
NANO-Antivirus 20190209
Palo Alto Networks (Known Signatures) 20190209
Panda 20190209
Qihoo-360 20190209
Rising 20190209
SentinelOne (Static ML) 20190203
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190209
TheHacker 20190203
Trapmine 20190123
TrendMicro 20190209
TrendMicro-HouseCall 20190209
Trustlook 20190209
VBA32 20190208
ViRobot 20190208
Webroot 20190209
Yandex 20190208
Zillya 20190208
Zoner 20190209
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 12
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.init_array
.fini_array
.got
.data
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 7d5fb0747de14d368d16f51ba3dce339
SHA1 24aa0eb866b18d0afdfeac684ee2ddb8658f56c7
SHA256 2e2f9b9d3792918e52c38d3d2096a72b07b8e19783b76e6bc1940e3823ea30db
ssdeep
1536:OonHRBsMFOHLS4gwSeC/NQmsCLqEno84WYjQRQHE6zvGIzixWz+1rb:5RG/LzgzegNPswq0Y5YBWz+1r

File size 69.3 KB ( 70996 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
exploit elf cve-2017-17215 via-tor

VirusTotal metadata
First submission 2019-02-09 11:36:13 UTC ( 2 months, 1 week ago )
Last submission 2019-02-09 11:36:13 UTC ( 2 months, 1 week ago )
File names harm6
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!