× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: cfdb2f44a3a1d9833bfe5db389fc9b0dda4826b105517aef43333565c885e4dd
File name: razdzn
Detection ratio: 29 / 58
Analysis date: 2019-02-05 11:00:54 UTC ( 3 months, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20190205
AhnLab-V3 Linux/Gafgyt03.Gen 20190204
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20190205
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20190205
Avast ELF:DDoS-Y [Trj] 20190205
Avast-Mobile ELF:DDoS-S [Trj] 20190204
AVG ELF:DDoS-Y [Trj] 20190205
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20190205
ClamAV Unix.Trojan.Mirai-5607483-0 20190204
DrWeb Linux.BackDoor.Fgt.373 20190205
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20190205
ESET-NOD32 a variant of Linux/Gafgyt.C 20190205
Fortinet ELF/Mirai.AE!tr 20190205
GData Linux.Trojan-DDoS.Lightaidra.A 20190205
Ikarus Trojan.Linux.Gafgyt 20190205
Jiangmin Backdoor.Linux.zum 20190205
Kaspersky HEUR:Backdoor.Linux.Gafgyt.aj 20190205
MAX malware (ai score=84) 20190205
McAfee Linux/Gafgyt.A 20190205
McAfee-GW-Edition Linux/Gafgyt.A 20190205
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20190205
NANO-Antivirus Trojan.Elf32.Gafgyt.eikqfj 20190205
Rising Backdoor.Gafgyt/Linux!1.A512 (CLASSIC) 20190205
SentinelOne (Static ML) static engine - malicious 20190203
Sophos AV Linux/DDoS-BI 20190205
Tencent backdoor.linux.gafgyt.y 20190205
TrendMicro Possible_BASHLITE.SMLBE1 20190205
TrendMicro-HouseCall Possible_BASHLITE.SMLBE1 20190205
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.aj 20190205
Acronis 20190130
AegisLab 20190205
Alibaba 20180921
Avira (no cloud) 20190205
Babable 20180918
Baidu 20190202
Bkav 20190201
CAT-QuickHeal 20190204
CMC 20190205
Comodo 20190205
CrowdStrike Falcon (ML) 20181023
Cybereason 20180308
Cylance 20190205
Cyren 20190205
eGambit 20190205
Endgame 20181108
F-Prot 20190205
F-Secure 20190205
Sophos ML 20181128
K7AntiVirus 20190205
K7GW 20190205
Kingsoft 20190205
Malwarebytes 20190205
Microsoft 20190205
Palo Alto Networks (Known Signatures) 20190205
Panda 20190204
Qihoo-360 20190205
SUPERAntiSpyware 20190130
Symantec 20190205
TACHYON 20190205
TheHacker 20190203
TotalDefense 20190205
Trapmine 20190123
Trustlook 20190205
VBA32 20190205
VIPRE 20190203
ViRobot 20190205
Webroot 20190205
Yandex 20190204
Zillya 20190204
Zoner 20190204
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 16
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.got.plt
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 9e67ff3d1df3cbf65bb9d8dbefd96d4e
SHA1 3bcceca2e8c4b4ba68b5a25c10382384e5cd7e18
SHA256 cfdb2f44a3a1d9833bfe5db389fc9b0dda4826b105517aef43333565c885e4dd
ssdeep
3072:KiDxplJdXvP5KqDUP3UsqiCwFAMLln3p8rg+Z0Ua3hgp6W:FDxp5v5PiCCPx3mrg+Z0Ua3hgp6W

File size 117.8 KB ( 120594 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2019-02-05 11:00:54 UTC ( 3 months, 2 weeks ago )
Last submission 2019-02-05 11:00:54 UTC ( 3 months, 2 weeks ago )
File names razdzn
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!