× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 930db29ea7149fc65b52bfc173a025b28f19cd2f1f7cd7fff01c814dbe02f298
File name: zbetcheckin_tracker_apache2
Detection ratio: 17 / 58
Analysis date: 2018-12-25 07:41:34 UTC ( 1 month, 4 weeks ago )
Antivirus Result Update
AhnLab-V3 Linux/Gafgyt.Gen23 20181224
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.av 20181225
Avast ELF:DDoS-S [Trj] 20181225
Avast-Mobile ELF:DDoS-S [Trj] 20181224
AVG ELF:DDoS-S [Trj] 20181225
Avira (no cloud) LINUX/Gafgyt.opnd 20181224
DrWeb Linux.BackDoor.Fgt.190 20181225
ESET-NOD32 a variant of Linux/Gafgyt.ANI 20181225
Fortinet ELF/Gafgyt.WN!tr 20181225
GData Linux.Trojan.Gafgyt.A 20181225
Ikarus Trojan.Linux.Fgt 20181224
Jiangmin Backdoor.Linux.bsrb 20181225
Kaspersky HEUR:Backdoor.Linux.Gafgyt.av 20181225
McAfee Linux/Gafgyt.h 20181225
McAfee-GW-Edition Linux/Gafgyt.h 20181225
Tencent Trojan.Linux.Gafgyt.bbaa 20181225
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.av 20181225
Acronis 20181224
Ad-Aware 20181225
AegisLab 20181225
Alibaba 20180921
ALYac 20181225
Arcabit 20181225
Babable 20180918
Baidu 20181207
BitDefender 20181225
Bkav 20181224
CAT-QuickHeal 20181224
ClamAV 20181225
CMC 20181224
Comodo 20181225
CrowdStrike Falcon (ML) 20181022
Cybereason 20180308
Cylance 20181225
Cyren 20181225
eGambit 20181225
Emsisoft 20181225
Endgame 20181108
F-Prot 20181225
F-Secure 20181225
Sophos ML 20181128
K7AntiVirus 20181225
K7GW 20181225
Kingsoft 20181225
Malwarebytes 20181225
MAX 20181225
Microsoft 20181225
eScan 20181225
NANO-Antivirus 20181225
Palo Alto Networks (Known Signatures) 20181225
Panda 20181224
Qihoo-360 20181225
Rising 20181225
SentinelOne (Static ML) 20181223
Sophos AV 20181225
SUPERAntiSpyware 20181220
Symantec 20181224
Symantec Mobile Insight 20181215
TACHYON 20181224
TheHacker 20181220
TotalDefense 20181223
Trapmine 20181205
TrendMicro 20181225
TrendMicro-HouseCall 20181225
Trustlook 20181225
VBA32 20181222
VIPRE 20181225
ViRobot 20181225
Webroot 20181225
Yandex 20181223
Zillya 20181222
Zoner 20181225
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 20
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 5cbff10ce46fa404f55db059b274f97e
SHA1 b8f1a85ba72dd312fcd0d17a959b3b2dfa90888b
SHA256 930db29ea7149fc65b52bfc173a025b28f19cd2f1f7cd7fff01c814dbe02f298
ssdeep
3072:F3FF1uvgPRiABorFD/o7kftetJ8au49Quhszcq6i4oKZfQlD6EjAeE/:CDAg1etJ8au4lCcqgoKZfQlD6EjAeE/

File size 129.4 KB ( 132528 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2018-12-25 07:41:34 UTC ( 1 month, 4 weeks ago )
Last submission 2018-12-25 07:41:34 UTC ( 1 month, 4 weeks ago )
File names zbetcheckin_tracker_apache2
apache2
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!