× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 53d9044045a0f39bf6fff9fe441d8ec61f3464e1f5fb6646e8b6104347ececb9
File name: qbotxdxdxdxdxdxdxd
Detection ratio: 16 / 59
Analysis date: 2018-06-12 04:47:37 UTC ( 10 months, 1 week ago ) View latest
Antivirus Result Update
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.ba 20180612
Avast ELF:DDoS-Y [Trj] 20180612
Avast-Mobile ELF:DDoS-S [Trj] 20180611
AVG ELF:DDoS-Y [Trj] 20180612
ClamAV Unix.Trojan.Mirai-5607483-0 20180611
DrWeb Linux.BackDoor.Fgt.203 20180612
ESET-NOD32 a variant of Linux/Gafgyt.WN 20180612
Fortinet ELF/Gafgyt.WN!tr.bdr 20180612
GData Linux.Trojan-DDoS.Lightaidra.A 20180612
Ikarus Trojan.Linux.Tsunami 20180611
Jiangmin Backdoor.Linux.atjz 20180612
Kaspersky HEUR:Backdoor.Linux.Gafgyt.ba 20180612
Tencent Trojan.Linux.Gafgyt.taa 20180612
TrendMicro Possible_BASHLITE.SMLBN2 20180612
TrendMicro-HouseCall Possible_BASHLITE.SMLBN2 20180612
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.ba 20180612
Ad-Aware 20180612
AegisLab 20180612
AhnLab-V3 20180611
Alibaba 20180612
ALYac 20180612
Arcabit 20180612
Avira (no cloud) 20180612
AVware 20180612
Baidu 20180611
BitDefender 20180612
Bkav 20180611
CAT-QuickHeal 20180612
CMC 20180611
Comodo 20180612
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180612
Cyren 20180612
eGambit 20180612
Emsisoft 20180612
Endgame 20180507
F-Prot 20180612
F-Secure 20180612
Sophos ML 20180601
K7AntiVirus 20180611
K7GW 20180612
Kingsoft 20180612
Malwarebytes 20180612
MAX 20180612
McAfee 20180612
McAfee-GW-Edition 20180612
Microsoft 20180612
eScan 20180612
NANO-Antivirus 20180612
Palo Alto Networks (Known Signatures) 20180612
Panda 20180611
Qihoo-360 20180612
Rising 20180612
SentinelOne (Static ML) 20180225
Sophos AV 20180612
SUPERAntiSpyware 20180612
Symantec 20180612
Symantec Mobile Insight 20180605
TACHYON 20180612
TheHacker 20180608
Trustlook 20180612
VBA32 20180611
VIPRE 20180612
ViRobot 20180612
Webroot 20180612
Yandex 20180609
Zillya 20180611
Zoner 20180612
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on <unknown> machines.
ELF Header
Class ELF32
Data 2's complement, big endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture <unknown>
Object file version 0x1
Program headers 3
Section headers 17
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.sdata
.sbss
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Big endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
PowerPC

File identification
MD5 318bf9eb6675ff00ec4799ff673da24c
SHA1 7fe4d386250265b3f9fddfb0da0213670665f5ae
SHA256 53d9044045a0f39bf6fff9fe441d8ec61f3464e1f5fb6646e8b6104347ececb9
ssdeep
3072:8jrZNjKtqAGlddQ7etJ8aChsvCoIXH6ATtQHYjg9W2:8jrZNjgqAydsetJ8aCCCBXH6ATtQHYjq

File size 138.0 KB ( 141273 bytes )
File type ELF
Magic literal
ELF 32-bit MSB executable, PowerPC or cisco 4500, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2018-06-12 04:47:37 UTC ( 10 months, 1 week ago )
Last submission 2018-06-13 08:02:26 UTC ( 10 months, 1 week ago )
File names mal
qbotxdxdxdxdxdxdxd
37af39e10d051365e1529d9692f9cd193500d2ee
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!