SHA256: 4ac1c75ee84e1b59b2f05f7739328aa781cd9dbc23b2a53bb96786b339ce30ab
File name: zbetcheckin_tracker_sora.arm7
Detection ratio: 10 / 58
Analysis date: 2019-01-05 07:57:40 UTC ( 3 months, 3 weeks ago )
Antivirus Result Update
Avast ELF:Mirai-GH [Trj] 20190105
Avast-Mobile ELF:Mirai-GH [Trj] 20190104
AVG ELF:Mirai-GH [Trj] 20190105
DrWeb Linux.Mirai.791 20190105
ESET-NOD32 a variant of Linux/Mirai.AT 20190104
Fortinet ELF/Mirai.IA!tr 20190105
Jiangmin Backdoor.Linux.bgoj 20190105
Kaspersky HEUR:Backdoor.Linux.Mirai.ba 20190105
Symantec Linux.Mirai!g1 20190104
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.ba 20190105
Acronis 20181227
Ad-Aware 20190105
AegisLab 20190105
AhnLab-V3 20190104
Alibaba 20180921
Antiy-AVL 20190105
Arcabit 20190105
Avira (no cloud) 20190104
AVware 20180925
Babable 20180918
Baidu 20190104
BitDefender 20190105
Bkav 20190104
CAT-QuickHeal 20190104
ClamAV 20190105
CMC 20190104
Comodo 20190105
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190105
Cyren 20190105
eGambit 20190105
Emsisoft 20190105
Endgame 20181108
F-Prot 20190105
F-Secure 20190105
GData 20190105
Ikarus 20190104
Sophos ML 20181128
K7AntiVirus 20190104
K7GW 20190104
Kingsoft 20190105
Malwarebytes 20190105
MAX 20190105
McAfee 20190105
McAfee-GW-Edition 20190105
Microsoft 20190105
eScan 20190105
NANO-Antivirus 20190105
Palo Alto Networks (Known Signatures) 20190105
Panda 20190104
Qihoo-360 20190105
Rising 20190105
SentinelOne (Static ML) 20181223
Sophos AV 20190105
SUPERAntiSpyware 20190102
TACHYON 20190105
Tencent 20190105
TheHacker 20190104
TotalDefense 20190104
Trapmine 20190103
TrendMicro 20190105
TrendMicro-HouseCall 20190105
Trustlook 20190105
VBA32 20190104
VIPRE 20190104
ViRobot 20190105
Webroot 20190105
Yandex 20181229
Zillya 20190105
Zoner 20190105
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType Unknown (40)
File identification
MD5 cdcbd24fca0154f0e2061a4706e05b1c
SHA1 dc99f480c07acb17a2396074ba6feb47893188b2
SHA256 4ac1c75ee84e1b59b2f05f7739328aa781cd9dbc23b2a53bb96786b339ce30ab
ssdeep 768:OPqoipZ08pG8cnyY4IlQjiyCPUWX7QjLs6W9q3UELkrmzZh/fjxIYU8kR2:OPO08pxcny2WCPU07Qj4sLkri7TdU8P
File size 47.4 KB ( 48572 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, ARM, version 1 (GNU/Linux), statically linked, stripped
TrID ELF Executable and Linkable format (generic) (100.0%)
Tags elf upx
VirusTotal metadata
First submission 2019-01-05 07:57:40 UTC ( 3 months, 3 weeks ago )
Last submission 2019-01-06 04:32:33 UTC ( 3 months, 2 weeks ago )
File names sora.arm7
zbetcheckin_tracker_sora.arm7
4ac1c75ee84e1b59b2f05f7739328aa781cd9dbc23b2a53bb96786b339ce30ab