× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 37ebe98f95256dce11433c4346e904c6c4304729bb73e1aab0583efc36037464
File name: 119
Detection ratio: 26 / 58
Analysis date: 2019-01-09 12:12:52 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Linux/Gafgyt.Gen28 20190108
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.bj 20190109
Avast ELF:DDoS-Y [Trj] 20190109
Avast-Mobile ELF:DDoS-S [Trj] 20190109
AVG ELF:DDoS-Y [Trj] 20190109
Avira (no cloud) LINUX/Gafgyt.stluu 20190109
ClamAV Unix.Trojan.Gafgyt-6735651-0 20190109
Cyren ELF/Trojan.ZUUV-8 20190109
DrWeb Linux.BackDoor.Fgt.1408 20190109
ESET-NOD32 a variant of Linux/Gafgyt.ANR 20190109
Fortinet ELF/Gafgyt.BJ!tr 20190109
GData Linux.Trojan.Agent.GHMYFL 20190109
Jiangmin Backdoor.Linux.blji 20190109
Kaspersky HEUR:Backdoor.Linux.Gafgyt.bj 20190109
MAX malware (ai score=99) 20190109
McAfee Linux/Backdoor-gen.a 20190109
McAfee-GW-Edition Linux/Backdoor-gen.a 20190109
NANO-Antivirus Trojan.Elf64.Gafgyt.flwnaj 20190109
Qihoo-360 Win32/Backdoor.745 20190109
Rising Backdoor.Gafgyt!1.B562 (CLASSIC) 20190109
SentinelOne (Static ML) static engine - malicious 20181223
Symantec Linux.Lightaidra 20190109
Tencent Linux.Backdoor.Gafgyt.Taft 20190109
TrendMicro Possible_BASHLITE.SMLBN3 20190109
TrendMicro-HouseCall Possible_BASHLITE.SMLBN3 20190109
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.bj 20190109
Acronis 20181227
Ad-Aware 20190109
AegisLab 20190109
Alibaba 20180921
ALYac 20190109
Arcabit 20190109
Babable 20180918
Baidu 20190109
BitDefender 20190109
Bkav 20190108
CAT-QuickHeal 20190108
CMC 20190108
Comodo 20190109
CrowdStrike Falcon (ML) 20181022
Cybereason 20190109
Cylance 20190109
eGambit 20190109
Emsisoft 20190109
Endgame 20181108
F-Prot 20190109
F-Secure 20190109
Sophos ML 20181128
K7AntiVirus 20190109
K7GW 20190109
Kingsoft 20190109
Malwarebytes 20190109
Microsoft 20190109
eScan 20190109
Palo Alto Networks (Known Signatures) 20190109
Panda 20190108
Sophos AV 20190109
SUPERAntiSpyware 20190102
TACHYON 20190109
TheHacker 20190106
TotalDefense 20190109
Trapmine 20190103
Trustlook 20190109
VBA32 20190108
VIPRE 20190108
ViRobot 20190109
Webroot 20190109
Yandex 20181229
Zillya 20190108
Zoner 20190109
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 3
Section headers 15
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

File identification
MD5 5bede1cc012ca8223f944402fb53c3d4
SHA1 6a4cdc6987b113a0c84ae443db1012272fec7280
SHA256 37ebe98f95256dce11433c4346e904c6c4304729bb73e1aab0583efc36037464
ssdeep
1536:c78nEYCEGS1l345pdSuGS36lDGvtYSZNmA+JWOVjhHZ4xX:ScCEGS1ZqYuGO6l4thPm/JWOVtHZ4xX

File size 80.8 KB ( 82753 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
64bits elf

VirusTotal metadata
First submission 2019-01-08 08:38:42 UTC ( 1 month, 1 week ago )
Last submission 2019-01-28 21:51:17 UTC ( 3 weeks ago )
File names 290
190
37ebe98f95256dce11433c4346e904c6c4304729bb73e1aab0583efc36037464
360
118
45
173
41
119
5bede1cc012ca8223f944402fb53c3d4
53
82
Demon.x86
33
260
102
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!