× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 42384afa9ac2418a71ee509ada6e37f074eb1e95370e96bfcb80adbabd1e6652
File name: 63
Detection ratio: 11 / 52
Analysis date: 2019-01-08 04:58:57 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
AegisLab Trojan.Linux.Mirai.4!c 20190108
DrWeb Linux.Mirai.754 20190107
ESET-NOD32 a variant of Linux/Mirai.L 20190108
Fortinet ELF/Mirai.AE!tr 20190108
Jiangmin Backdoor.Linux.avjd 20190107
Kaspersky HEUR:Backdoor.Linux.Mirai.ad 20190108
Qihoo-360 Win32/Backdoor.996 20190108
SentinelOne (Static ML) static engine - malicious 20181223
Symantec Linux.Mirai 20190108
Tencent Trojan.Linux.Mirai.cj 20190108
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.ad 20190108
Acronis 20181227
Ad-Aware 20190108
AhnLab-V3 20190108
Alibaba 20180921
ALYac 20190108
Arcabit 20190107
Avast 20190107
Avast-Mobile 20190107
AVG 20190107
Avira (no cloud) 20190107
Babable 20180918
Baidu 20190107
Bkav 20190107
CAT-QuickHeal 20190107
ClamAV 20190107
CMC 20190107
Comodo 20190107
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190108
Cyren 20190107
eGambit 20190108
Emsisoft 20190107
Endgame 20181108
F-Prot 20190108
F-Secure 20190108
Sophos ML 20181128
K7AntiVirus 20190108
K7GW 20190108
Kingsoft 20190108
MAX 20190108
McAfee 20190108
eScan 20190108
NANO-Antivirus 20190108
Palo Alto Networks (Known Signatures) 20190108
Panda 20190107
Rising 20190108
Sophos AV 20190108
SUPERAntiSpyware 20190102
TACHYON 20190108
TheHacker 20190106
TotalDefense 20190107
Trapmine 20190103
TrendMicro 20190108
TrendMicro-HouseCall 20190108
Trustlook 20190108
VBA32 20190104
VIPRE 20190107
ViRobot 20190108
Webroot 20190108
Yandex 20181229
Zillya 20190105
Zoner 20190108
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

Execution parents
File identification
MD5 a0dda25827353e654a4f770192404843
SHA1 2391ecea17b01419998c04ee923bb291f4ec5664
SHA256 42384afa9ac2418a71ee509ada6e37f074eb1e95370e96bfcb80adbabd1e6652
ssdeep
768:fR4P4xTMpQfqGhYjA8DKNtK3nusq+uSfb7Y:ZmaSGuk1NU3u7FEI

File size 27.7 KB ( 28368 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf upx

VirusTotal metadata
First submission 2019-01-08 02:27:44 UTC ( 1 month, 1 week ago )
Last submission 2019-01-12 17:53:19 UTC ( 1 month, 1 week ago )
File names Tsunami.x86
42384afa9ac2418a71ee509ada6e37f074eb1e95370e96bfcb80adbabd1e6652
63
38
220
12
172
Tsunami.x86
130
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!