× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 8b1f672ccaeb9215b6f73e0cac88505ef2b999a1964136c165b8496ef4271b0f
File name: 107
Detection ratio: 30 / 59
Analysis date: 2019-01-10 17:32:38 UTC ( 3 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Linux.Mirai.1 20190110
ALYac Gen:Variant.Linux.Mirai.1 20190110
Antiy-AVL Trojan[Backdoor]/Linux.Mirai.b 20190110
Arcabit Trojan.Linux.Mirai.1 20190110
Avast ELF:Mirai-AAU [Trj] 20190110
Avast-Mobile ELF:Mirai-UM [Trj] 20190110
AVG ELF:Mirai-AAU [Trj] 20190110
Avira (no cloud) LINUX/Mirai.upqey 20190110
BitDefender Gen:Variant.Linux.Mirai.1 20190110
ClamAV Unix.Malware.Agent-6799465-0 20190110
Comodo Malware@#1nfx2jejezo0e 20190110
Cyren ELF/Trojan.RCTC-4 20190110
DrWeb Linux.Mirai.1429 20190110
Emsisoft Gen:Variant.Linux.Mirai.1 (B) 20190110
F-Secure Gen:Variant.Linux.Mirai.1 20190110
Fortinet ELF/Mirai.AE!tr 20190110
GData Gen:Variant.Linux.Mirai.1 20190110
Kaspersky HEUR:Backdoor.Linux.Mirai.b 20190110
MAX malware (ai score=99) 20190110
McAfee Linux/Mirai.l 20190110
McAfee-GW-Edition Linux/Mirai.l 20190110
eScan Gen:Variant.Linux.Mirai.1 20190110
NANO-Antivirus Trojan.ElfArm32.Mirai.flpfum 20190110
Qihoo-360 Win32/Trojan.3c0 20190110
Sophos AV Mal/Generic-S 20190110
Symantec Linux.Mirai!g1 20190110
Tencent Linux.Backdoor.Mirai.Hryh 20190110
TrendMicro Possible_MIRAI.SMLBO13 20190110
TrendMicro-HouseCall Possible_MIRAI.SMLBO13 20190110
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.b 20190110
Acronis 20190110
AegisLab 20190110
AhnLab-V3 20190110
Alibaba 20180921
AVware 20180925
Babable 20180918
Baidu 20190110
Bkav 20190108
CAT-QuickHeal 20190110
CMC 20190110
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190110
eGambit 20190110
Endgame 20181108
ESET-NOD32 20190110
F-Prot 20190110
Ikarus 20190110
Sophos ML 20181128
Jiangmin 20190110
K7AntiVirus 20190110
K7GW 20190110
Kingsoft 20190110
Malwarebytes 20190110
Microsoft 20190110
Palo Alto Networks (Known Signatures) 20190110
Panda 20190109
Rising 20190110
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190109
TACHYON 20190110
TheHacker 20190106
TotalDefense 20190110
Trapmine 20190103
Trustlook 20190110
VBA32 20190110
VIPRE 20190109
ViRobot 20190110
Webroot 20190110
Yandex 20190110
Zillya 20190109
Zoner 20190110
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 5
Section headers 29
ELF sections
ELF Segments
.ARM.exidx
.init
.text
.fini
.rodata
.ARM.extab
.ARM.exidx
.eh_frame
.init_array
.fini_array
.jcr
.got
.data
.bss
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 9453f954387e6e16f59f18d41a47daea
SHA1 34fd93e86d77ef2f55f63d3f6ed1021d504d3126
SHA256 8b1f672ccaeb9215b6f73e0cac88505ef2b999a1964136c165b8496ef4271b0f
ssdeep
3072:XQ3esxEpWvY4SxG1/bxnzPhCtbXuNM/92tas:XQuVaSxG1/bxzPMbXQM/92tas

File size 120.8 KB ( 123675 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2018-12-29 20:13:57 UTC ( 3 months, 3 weeks ago )
Last submission 2019-02-14 08:27:50 UTC ( 2 months ago )
File names 136
144
9453f954387e6e16f59f18d41a47daea
117
260
59
67
228
99
224
277
105
107
91
Solstice.arm7
294
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!