× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a8de0ceb406075b359961b5601ac82d0fec389cc700da237ff0cd566219ab5c3
File name: qbotxd
Detection ratio: 17 / 58
Analysis date: 2018-06-12 04:55:35 UTC ( 10 months, 2 weeks ago ) View latest
Antivirus Result Update
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.ba 20180612
Avast ELF:DDoS-Y [Trj] 20180612
Avast-Mobile ELF:DDoS-S [Trj] 20180611
AVG ELF:DDoS-Y [Trj] 20180612
ClamAV Unix.Trojan.Mirai-5607483-0 20180611
DrWeb Linux.BackDoor.Fgt.205 20180612
ESET-NOD32 a variant of Linux/Gafgyt.WN 20180612
Fortinet ELF/Gafgyt.WN!tr.bdr 20180612
GData Linux.Trojan-DDoS.Lightaidra.A 20180612
Ikarus Trojan.Linux.Tsunami 20180611
Jiangmin Backdoor.Linux.asvh 20180612
Kaspersky HEUR:Backdoor.Linux.Gafgyt.ba 20180612
Tencent Trojan.Linux.Gafgyt.taa 20180612
TrendMicro Possible_BASHLITE.SMLBN2 20180612
TrendMicro-HouseCall Possible_BASHLITE.SMLBN2 20180612
Zillya Backdoor.Gafgyt.Linux.26815 20180611
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.ba 20180612
Ad-Aware 20180612
AegisLab 20180612
AhnLab-V3 20180611
Alibaba 20180612
ALYac 20180612
Arcabit 20180612
Avira (no cloud) 20180612
AVware 20180612
Baidu 20180612
BitDefender 20180612
Bkav 20180611
CAT-QuickHeal 20180612
CMC 20180611
Comodo 20180612
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20180612
Cyren 20180612
eGambit 20180612
Emsisoft 20180612
Endgame 20180507
F-Prot 20180612
F-Secure 20180612
Sophos ML 20180601
K7AntiVirus 20180611
K7GW 20180612
Kingsoft 20180612
Malwarebytes 20180612
MAX 20180612
McAfee 20180612
McAfee-GW-Edition 20180612
Microsoft 20180612
eScan 20180612
NANO-Antivirus 20180612
Palo Alto Networks (Known Signatures) 20180612
Panda 20180611
Qihoo-360 20180612
Rising 20180612
SentinelOne (Static ML) 20180225
Sophos AV 20180612
SUPERAntiSpyware 20180612
Symantec 20180612
Symantec Mobile Insight 20180605
TACHYON 20180612
TheHacker 20180608
Trustlook 20180612
VBA32 20180611
VIPRE 20180612
ViRobot 20180612
Webroot 20180612
Yandex 20180609
Zoner 20180612
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on MIPS R3000 machines.
ELF Header
Class ELF32
Data 2's complement, big endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture MIPS R3000
Object file version 0x1
Program headers 4
Section headers 21
ELF sections
ELF Segments
.reginfo
.reginfo
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data.rel.ro
.data
.got
.sbss
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Big endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
MIPS R3000

File identification
MD5 eaab03c0c11fa173e2b9270a253444e3
SHA1 f9870cd44a4bd245da716009a40ac8b3bd21d4ad
SHA256 a8de0ceb406075b359961b5601ac82d0fec389cc700da237ff0cd566219ab5c3
ssdeep
3072:y4OJQI+uhYFJFgddQ7etJ8aChsuUWURjfiUvnLdIiseG2:tOvCxgdsetJ8aCzZ6jfiUvnLdNseG2

File size 168.4 KB ( 172427 bytes )
File type ELF
Magic literal
ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2018-06-12 04:55:35 UTC ( 10 months, 2 weeks ago )
Last submission 2019-01-22 23:24:43 UTC ( 3 months ago )
File names 08d4e412293470abec556d82f5250edf0f9f93df
qbotxd
mal
eaab03c0c11fa173e2b9270a253444e3
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!