× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 54b2319fbb9a252656059f9bf32b0c36a78bc3f9f38ac713eab222a7c1bf9bf8
File name: zbetcheckin_tracker_pftp
Detection ratio: 32 / 56
Analysis date: 2019-01-12 07:16:15 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20190112
AhnLab-V3 Linux/Gafgyt.Gen 20190111
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20190112
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.f 20190111
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20190112
Avast ELF:DDoS-Y [Trj] 20190112
Avast-Mobile ELF:DDoS-S [Trj] 20190111
AVG ELF:DDoS-Y [Trj] 20190112
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20190112
CAT-QuickHeal Exploit.Linux.Shellshock.A 20190111
ClamAV Unix.Trojan.Gafgyt-111 20190112
DrWeb Linux.BackDoor.Fgt.16 20190112
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20190112
ESET-NOD32 Linux/Gafgyt.WT 20190112
F-Secure Gen:Variant.Backdoor.Linux.Gafgyt.1 20190111
Fortinet ELF/Gafgyt.WN!tr.bdr 20190112
GData Linux.Trojan.Gafgyt.B 20190112
Ikarus DDoS.Linux.Lightaidra 20190112
Jiangmin Backdoor.Linux.gng 20190112
Kaspersky HEUR:Backdoor.Linux.Gafgyt.ac 20190112
MAX malware (ai score=81) 20190112
McAfee Linux/Gafgyt.a 20190112
McAfee-GW-Edition Linux/Gafgyt.a 20190112
Microsoft DDoS:Linux/Lightaidra 20190112
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20190112
Rising Backdoor.Gafgyt/Linux!1.A512 (CLASSIC) 20190112
Sophos AV Linux/DDoS-BI 20190112
Symantec Linux.Lightaidra 20190112
Tencent Backdoor.Linux.Gafgyt.ym 20190112
TrendMicro ELF_BASHLITE.SME 20190112
TrendMicro-HouseCall ELF_BASHLITE.SME 20190112
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.ac 20190112
Acronis 20190111
AegisLab 20190112
Alibaba 20180921
Avira (no cloud) 20190112
Baidu 20190111
Bkav 20190108
CMC 20190111
Comodo 20190112
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190112
Cyren 20190112
eGambit 20190112
Endgame 20181108
F-Prot 20190112
Sophos ML 20181128
K7AntiVirus 20190111
K7GW 20190112
Kingsoft 20190112
Malwarebytes 20190112
NANO-Antivirus 20190112
Palo Alto Networks (Known Signatures) 20190112
Panda 20190111
Qihoo-360 20190112
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190109
TACHYON 20190112
TheHacker 20190106
TotalDefense 20190111
Trapmine 20190103
Trustlook 20190112
VBA32 20190111
ViRobot 20190111
Webroot 20190112
Yandex 20190111
Zillya 20190111
Zoner 20190112
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on MC68000 machines.
ELF Header
Class ELF32
Data 2's complement, big endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture MC68000
Object file version 0x1
Program headers 3
Section headers 15
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Big endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Motorola 68000

File identification
MD5 f8473413deb7742c7fa7934755b3e35d
SHA1 6bc81ef649b79adeec913574af49f2b8f743a2ed
SHA256 54b2319fbb9a252656059f9bf32b0c36a78bc3f9f38ac713eab222a7c1bf9bf8
ssdeep
1536:gEUPvCOzEx6on4gC8GbywhzGXQgGUniGcVMbhw7OT8IPzIHUIN:gEU3hAkgCZKAgvTbhw7OQIS

File size 87.3 KB ( 89369 bytes )
File type ELF
Magic literal
ELF 32-bit MSB executable, Motorola 68020, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-01-12 07:16:15 UTC ( 1 month, 1 week ago )
Last submission 2019-01-19 09:58:15 UTC ( 1 month ago )
File names zbetcheckin_tracker_pftp
54b2319fbb9a252656059f9bf32b0c36a78bc3f9f38ac713eab222a7c1bf9bf8
f8473413deb7742c7fa7934755b3e35d
pftp
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!