× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a620fa746576a9a2612d88b3e6d7f9ffa5a23b6e85135bc0dd6419b6ba7b79fe
File name: atxhua
Detection ratio: 28 / 55
Analysis date: 2019-02-11 10:34:06 UTC ( 2 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20190211
AhnLab-V3 Linux/Gafgyt.Gen1 20190211
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20190211
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20190211
Avast ELF:DDoS-S [Trj] 20190211
Avast-Mobile ELF:DDoS-S [Trj] 20190211
AVG ELF:DDoS-S [Trj] 20190211
Avira (no cloud) LINUX/Gafgyt.opnd 20190211
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20190211
ClamAV Unix.Trojan.Mirai-5607483-0 20190210
DrWeb Linux.BackDoor.Fgt.9 20190211
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20190211
ESET-NOD32 a variant of Linux/Gafgyt.MT 20190211
F-Secure Malware.LINUX/Gafgyt.opnd 20190211
Fortinet ELF/Gafgyt.WN!tr.bdr 20190211
GData Linux.Trojan.Gafgyt.B 20190211
Ikarus Trojan.Linux.Fgt 20190211
Kaspersky HEUR:Backdoor.Linux.Gafgyt.af 20190211
MAX malware (ai score=82) 20190211
McAfee Linux/Gafgyt.a 20190211
McAfee-GW-Edition Linux/Gafgyt.a 20190211
Microsoft DDoS:Linux/Lightaidra 20190211
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20190211
Sophos AV Linux/DDoS-BI 20190211
Symantec Linux.Lightaidra 20190211
Tencent Backdoor.Linux.Gafgyt.ym 20190211
TrendMicro-HouseCall Possible_BASHLITE.SMLBN1 20190211
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.af 20190211
Acronis 20190208
AegisLab 20190211
Alibaba 20180921
Antiy-AVL 20190211
Babable 20180918
Baidu 20190202
Bkav 20190201
CAT-QuickHeal 20190210
CMC 20190210
Comodo 20190211
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190211
Cyren 20190211
eGambit 20190211
Endgame 20181108
F-Prot 20190211
Sophos ML 20181128
Jiangmin 20190211
K7AntiVirus 20190211
K7GW 20190211
Kingsoft 20190211
Malwarebytes 20190211
NANO-Antivirus 20190211
Palo Alto Networks (Known Signatures) 20190211
Panda 20190210
Qihoo-360 20190211
Rising 20190211
SentinelOne (Static ML) 20190203
SUPERAntiSpyware 20190206
Symantec Mobile Insight 20190207
TACHYON 20190211
TheHacker 20190203
Trapmine 20190123
Trustlook 20190211
VBA32 20190211
ViRobot 20190211
Webroot 20190211
Yandex 20190210
Zillya 20190208
Zoner 20190211
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 20
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 90ff6cb29d92fc89378260dcb98af64b
SHA1 3be55ce4d7476e22fbc230c9d7fe1c5b1702d907
SHA256 a620fa746576a9a2612d88b3e6d7f9ffa5a23b6e85135bc0dd6419b6ba7b79fe
ssdeep
3072:8Lvm3w26Raplhx9+eMm3E2xH/SibNA+l6uhzUVvDqVFWt2zHEmu0rQufB+Tjj6:8FKwVvGVFWJmu0rQufB+Tjj6

File size 107.8 KB ( 110384 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf via-tor

VirusTotal metadata
First submission 2019-02-11 10:34:06 UTC ( 2 months, 1 week ago )
Last submission 2019-02-11 10:34:06 UTC ( 2 months, 1 week ago )
File names atxhua
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!