× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31
File name: sora.x86
Detection ratio: 8 / 57
Analysis date: 2019-01-05 00:00:09 UTC ( 1 month, 2 weeks ago ) View latest
Antivirus Result Update
DrWeb Linux.Mirai.793 20190104
ESET-NOD32 a variant of Linux/Mirai.AT 20190104
Fortinet ELF/Mirai.AT!tr 20190104
Jiangmin Backdoor.Linux.asqp 20190104
Kaspersky HEUR:Backdoor.Linux.Mirai.ba 20190104
SentinelOne (Static ML) static engine - malicious 20181223
Symantec Linux.Mirai 20190104
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.ba 20190104
Acronis 20181227
Ad-Aware 20190104
AegisLab 20190104
AhnLab-V3 20190104
Alibaba 20180921
ALYac 20190104
Antiy-AVL 20190104
Arcabit 20190104
Avast 20190104
Avast-Mobile 20190104
AVG 20190104
Avira (no cloud) 20190104
Babable 20180918
Baidu 20190104
BitDefender 20190104
Bkav 20190104
CAT-QuickHeal 20190104
ClamAV 20190104
CMC 20190104
Comodo 20190104
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190104
Cyren 20190104
eGambit 20190104
Emsisoft 20190104
Endgame 20181108
F-Prot 20190104
F-Secure 20190104
GData 20190104
Ikarus 20190104
Sophos ML 20181128
K7AntiVirus 20190104
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
MAX 20190104
McAfee 20190104
McAfee-GW-Edition 20190104
Microsoft 20190104
eScan 20190104
NANO-Antivirus 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190104
Qihoo-360 20190104
Rising 20190104
Sophos AV 20190104
SUPERAntiSpyware 20190102
TACHYON 20190104
Tencent 20190104
TheHacker 20190104
Trapmine 20190103
TrendMicro 20190104
TrendMicro-HouseCall 20190104
Trustlook 20190104
VBA32 20190104
ViRobot 20190104
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 6680728397224a3ec278798239f4f57b
SHA1 5f00e5da3fad9194f90b07fcdf303618a6b6f233
SHA256 61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31
ssdeep
768:R/QOC0Yhn6RODyFPpW1RI3l14yU1Yc3evco:R/nihnuFPORIV1S33eUo

File size 24.1 KB ( 24728 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf upx via-tor

VirusTotal metadata
First submission 2019-01-05 00:00:09 UTC ( 1 month, 2 weeks ago )
Last submission 2019-01-06 04:32:39 UTC ( 1 month, 1 week ago )
File names sora.x86
61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!