× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: b91174e0e79b072f400790d4d91ee944417747d7adc2424f68088a3c9c01ce53
File name: GayFgt.Crypted.ARM.mmd
Detection ratio: 13 / 56
Analysis date: 2016-04-08 21:29:35 UTC ( 1 year, 6 months ago ) View latest
Antivirus Result Update
AegisLab Backdoor.Linux.Gafgyt!c 20160408
Avast ELF:Tsunami-DF [Trj] 20160408
AVG Linux/Fgt 20160408
Avira (no cloud) LINUX/Gafgyt.fhcj 20160408
Comodo UnclassifiedMalware 20160408
DrWeb Linux.BackDoor.Fgt.177 20160408
ESET-NOD32 Linux/Gafgyt.JW 20160408
GData Linux.Trojan.Agent.FOGA9X 20160408
Ikarus Trojan.Linux.Gafgyt 20160408
Jiangmin Backdoor.Linux.bgy 20160408
Kaspersky HEUR:Backdoor.Linux.Gafgyt.e 20160408
Qihoo-360 Win32/Backdoor.50f 20160408
Sophos AV Mal/Generic-S 20160408
Ad-Aware 20160408
AhnLab-V3 20160408
Alibaba 20160408
ALYac 20160408
Antiy-AVL 20160408
Arcabit 20160408
AVware 20160408
Baidu 20160408
Baidu-International 20160408
BitDefender 20160408
Bkav 20160408
CAT-QuickHeal 20160407
ClamAV 20160408
CMC 20160408
Cyren 20160408
Emsisoft 20160408
F-Prot 20160408
F-Secure 20160408
Fortinet 20160404
K7AntiVirus 20160408
K7GW 20160404
Kingsoft 20160408
Malwarebytes 20160408
McAfee 20160408
McAfee-GW-Edition 20160408
Microsoft 20160408
eScan 20160408
NANO-Antivirus 20160408
nProtect 20160408
Panda 20160408
Rising 20160408
SUPERAntiSpyware 20160408
Symantec 20160408
Tencent 20160408
TheHacker 20160408
TrendMicro 20160408
TrendMicro-HouseCall 20160408
VBA32 20160408
VIPRE 20160408
ViRobot 20160408
Yandex 20160406
Zillya 20160408
Zoner 20160408
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 13
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 7102b25e3b3ac7294fdc4f453e160f5b
SHA1 531afb94549bfc5daccaa3543b7cb447089c456d
SHA256 b91174e0e79b072f400790d4d91ee944417747d7adc2424f68088a3c9c01ce53
ssdeep
1536:tehCreleW//2/Hguas0cbMhf8FSic9dqzXrXZLmEnuwrwI9UadwZwy2O:tehUW//2/Hguas0cbMhf8FSic9dqzXDS

File size 53.0 KB ( 54232 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2016-04-05 13:28:44 UTC ( 1 year, 6 months ago )
Last submission 2016-04-12 03:50:35 UTC ( 1 year, 6 months ago )
File names arm
GayFgt.Crypted.ARM.mmd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!