| SHA256: | 61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31 |
| File name: | sora.x86 |
| Detection ratio: | 8 / 57 |
| Analysis date: | 2019-01-05 00:00:09 UTC ( 1 month, 2 weeks ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| DrWeb | Linux.Mirai.793 | 20190104 |
| ESET-NOD32 | a variant of Linux/Mirai.AT | 20190104 |
| Fortinet | ELF/Mirai.AT!tr | 20190104 |
| Jiangmin | Backdoor.Linux.asqp | 20190104 |
| Kaspersky | HEUR:Backdoor.Linux.Mirai.ba | 20190104 |
| SentinelOne (Static ML) | static engine - malicious | 20181223 |
| Symantec | Linux.Mirai | 20190104 |
| ZoneAlarm by Check Point | HEUR:Backdoor.Linux.Mirai.ba | 20190104 |
| Acronis | 20181227 | |
| Ad-Aware | 20190104 | |
| AegisLab | 20190104 | |
| AhnLab-V3 | 20190104 | |
| Alibaba | 20180921 | |
| ALYac | 20190104 | |
| Antiy-AVL | 20190104 | |
| Arcabit | 20190104 | |
| Avast | 20190104 | |
| Avast-Mobile | 20190104 | |
| AVG | 20190104 | |
| Avira (no cloud) | 20190104 | |
| Babable | 20180918 | |
| Baidu | 20190104 | |
| BitDefender | 20190104 | |
| Bkav | 20190104 | |
| CAT-QuickHeal | 20190104 | |
| ClamAV | 20190104 | |
| CMC | 20190104 | |
| Comodo | 20190104 | |
| CrowdStrike Falcon (ML) | 20180202 | |
| Cybereason | 20180308 | |
| Cylance | 20190104 | |
| Cyren | 20190104 | |
| eGambit | 20190104 | |
| Emsisoft | 20190104 | |
| Endgame | 20181108 | |
| F-Prot | 20190104 | |
| F-Secure | 20190104 | |
| GData | 20190104 | |
| Ikarus | 20190104 | |
| Sophos ML | 20181128 | |
| K7AntiVirus | 20190104 | |
| K7GW | 20190104 | |
| Kingsoft | 20190104 | |
| Malwarebytes | 20190104 | |
| MAX | 20190104 | |
| McAfee | 20190104 | |
| McAfee-GW-Edition | 20190104 | |
| Microsoft | 20190104 | |
| eScan | 20190104 | |
| NANO-Antivirus | 20190104 | |
| Palo Alto Networks (Known Signatures) | 20190104 | |
| Panda | 20190104 | |
| Qihoo-360 | 20190104 | |
| Rising | 20190104 | |
| Sophos AV | 20190104 | |
| SUPERAntiSpyware | 20190102 | |
| TACHYON | 20190104 | |
| Tencent | 20190104 | |
| TheHacker | 20190104 | |
| Trapmine | 20190103 | |
| TrendMicro | 20190104 | |
| TrendMicro-HouseCall | 20190104 | |
| Trustlook | 20190104 | |
| VBA32 | 20190104 | |
| ViRobot | 20190104 | |
| Webroot | 20190104 | |
| Yandex | 20181229 | |
| Zillya | 20190103 | |
| Zoner | 20190104 |
The file being studied is an ELF!
More specifically, it is a EXEC (Executable file) ELF
for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 0
Packers identified
upx
ELF Segments
ExifTool file metadata
MIMEType
application/octet-stream
CPUByteOrder
Little endian
CPUArchitecture
32 bit
FileType
ELF executable
ObjectFileType
Executable file
CPUType
i386
File identification
MD5 6680728397224a3ec278798239f4f57b
SHA1 5f00e5da3fad9194f90b07fcdf303618a6b6f233
SHA256 61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31
ssdeep
768:R/QOC0Yhn6RODyFPpW1RI3l14yU1Yc3evco:R/nihnuFPORIV1S33eUo
File size
24.1 KB ( 24728 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped
| TrID |
ELF Executable and Linkable format (Linux) (50.1%) ELF Executable and Linkable format (generic) (49.8%) |
Tags
elf
upx
via-tor
VirusTotal metadata
First submission
2019-01-05 00:00:09 UTC ( 1 month, 2 weeks ago )
Last submission
2019-01-06 04:32:39 UTC ( 1 month, 1 week ago )
| File names |
sora.x86 61c9c32100d06680705c022f8b4cec2a5d83bdb9f207c10a34c27c55aab5aa31 |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!