× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b2e4de749c1f43c3bcd4693f3fb6638d4995afe2d5f070545d8492d64a464ffb
File name: tty3.loonysquad.elf.mmd
Detection ratio: 9 / 54
Analysis date: 2016-02-13 21:35:40 UTC ( 2 years, 2 months ago ) View latest
Antivirus Result Update
AegisLab Backdoor.Linux.Tsunami!c 20160213
AVG Linux/Tsunami.CY 20160213
Avira (no cloud) LINUX/Tsunami 20160213
ESET-NOD32 a variant of Linux/Tsunami.NCD 20160213
Fortinet PossibleThreat.P0 20160213
GData Linux.Trojan.Agent.O8TSMW 20160213
Ikarus Trojan.Linux.Tsunami 20160213
Kaspersky HEUR:Backdoor.Linux.Tsunami.bj 20160213
Sophos AV Mal/Generic-S 20160213
Ad-Aware 20160213
Yandex 20160213
AhnLab-V3 20160213
Alibaba 20160204
ALYac 20160213
Antiy-AVL 20160211
Arcabit 20160213
Avast 20160213
Baidu-International 20160213
BitDefender 20160213
Bkav 20160204
ByteHero 20160213
CAT-QuickHeal 20160213
ClamAV 20160213
CMC 20160205
Comodo 20160213
Cyren 20160213
DrWeb 20160213
Emsisoft 20160213
F-Prot 20160213
F-Secure 20160213
Jiangmin 20160213
K7AntiVirus 20160213
K7GW 20160213
Malwarebytes 20160213
McAfee 20160213
McAfee-GW-Edition 20160213
Microsoft 20160213
eScan 20160213
NANO-Antivirus 20160213
nProtect 20160212
Panda 20160213
Qihoo-360 20160213
Rising 20160213
SUPERAntiSpyware 20160213
Symantec 20160213
Tencent 20160213
TheHacker 20160213
TrendMicro 20160213
TrendMicro-HouseCall 20160213
VBA32 20160212
VIPRE 20160213
ViRobot 20160213
Zillya 20160213
Zoner 20160213
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, big endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 2
Section headers 0
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Big endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 a7764276a8e4a2d0aa51348926556fcb
SHA1 ac2087578a90834b5c493151d4ae08f52bccd0a0
SHA256 b2e4de749c1f43c3bcd4693f3fb6638d4995afe2d5f070545d8492d64a464ffb
ssdeep
1536:1kthGass8aSRbS2i4hUQXVSCHqKWvcZvvePC9TxgKxq5:aQuAeqVSC7WEzxNQ

File size 48.7 KB ( 49860 bytes )
File type ELF
Magic literal
ELF 32-bit MSB executable, ARM, version 1, statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf via-tor

VirusTotal metadata
First submission 2016-02-11 09:26:33 UTC ( 2 years, 2 months ago )
Last submission 2016-02-24 16:53:09 UTC ( 2 years, 1 month ago )
File names ac2087578a90834b5c493151d4ae08f52bccd0a0_tty3
tty3
tty3.loonysquad.elf.mmd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!