× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: c3dd3cd64cb67fd24bd83bb5669f042c8f88fbbbddd0f09305827fd566e56baf
File name: 35
Detection ratio: 26 / 58
Analysis date: 2019-01-04 03:38:37 UTC ( 3 months, 3 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20190103
AhnLab-V3 Linux/Gafgyt.Gen1 20190103
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20190103
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20190103
Avast ELF:DDoS-S [Trj] 20190103
Avast-Mobile ELF:DDoS-S [Trj] 20190103
AVG ELF:DDoS-S [Trj] 20190104
Avira (no cloud) LINUX/Gafgyt.opnd 20190104
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
ClamAV Unix.Trojan.Mirai-5607483-0 20190104
DrWeb Linux.BackDoor.Fgt.9 20190104
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20190104
ESET-NOD32 a variant of Linux/Gafgyt.MT 20190104
F-Secure Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
Fortinet ELF/Gafgyt.WN!tr.bdr 20190104
GData Linux.Trojan.Gafgyt.B 20190104
Ikarus Trojan.Linux.Fgt 20190104
Kaspersky HEUR:Backdoor.Linux.Gafgyt.af 20190104
MAX malware (ai score=87) 20190104
Microsoft DDoS:Linux/Lightaidra 20190104
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
Sophos AV Linux/DDoS-BI 20190104
Tencent Trojan.Linux.Gafgyt.bd 20190104
TrendMicro Possible_BASHLITE.SMLBN1 20190104
TrendMicro-HouseCall Possible_BASHLITE.SMLBN1 20190103
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.af 20190103
Acronis 20181227
AegisLab 20190103
Alibaba 20180921
Antiy-AVL 20190103
Babable 20180918
Baidu 20190102
Bkav 20190103
CAT-QuickHeal 20190103
CMC 20190103
Comodo 20190104
CrowdStrike Falcon (ML) 20180202
Cybereason 20180308
Cylance 20190104
Cyren 20190104
eGambit 20190104
Endgame 20181108
F-Prot 20190104
Sophos ML 20181128
Jiangmin 20190104
K7AntiVirus 20190103
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
McAfee 20190104
McAfee-GW-Edition 20190104
NANO-Antivirus 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190103
Qihoo-360 20190104
Rising 20190104
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190102
Symantec 20190104
TACHYON 20190104
TheHacker 20181230
TotalDefense 20190103
Trapmine 20190103
Trustlook 20190104
VBA32 20181229
VIPRE 20190103
ViRobot 20190103
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190103
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 20
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 073bceb791feb485ca2e5cf787e7fa21
SHA1 ebbe50cfd57e1648562194b45a9ab82620ad54de
SHA256 c3dd3cd64cb67fd24bd83bb5669f042c8f88fbbbddd0f09305827fd566e56baf
ssdeep
3072:VrTmD86alGlZhlxe+oSzweF7rS+fJi3SB6CJUgazIpvW2RdZRmu0rQufB+Tjj6:VFl5ga8pvWEmu0rQufB+Tjj6

File size 107.8 KB ( 110386 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-01-04 03:14:09 UTC ( 3 months, 3 weeks ago )
Last submission 2019-01-08 23:15:21 UTC ( 3 months, 2 weeks ago )
File names 165
35
44
[cpu]
c3dd3cd64cb67fd24bd83bb5669f042c8f88fbbbddd0f09305827fd566e56baf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!