SHA256: d9791f4dfd903bf3c7c5258ac4ae92df11fc37c3b1749e15f173c1aeb6fafb67
File name: mysql
Detection ratio: 24 / 57
Analysis date: 2017-05-17 20:10:38 UTC ( 5 days, 22 hours ago )
Antivirus Result Update
Ad-Aware Application.BitCoinMiner.MA 20170517
AhnLab-V3 Linux/Miner.3876568 20170517
Antiy-AVL RiskWare[RiskTool]/Linux.BitCoinMiner.e 20170517
Arcabit Application.BitCoinMiner.MA 20170517
Avast ELF:BitCoinMiner-AI [Trj] 20170517
AVG Linux/Miner_c.DO 20170517
Avira (no cloud) SPR/BitCoinMiner.qpilj 20170517
BitDefender Application.BitCoinMiner.MA 20170517
ClamAV Unix.Malware.Agent-1847048 20170517
Cyren ELF/Application.JAYH 20170517
DrWeb Tool.Linux.BtcMine.86 20170517
Emsisoft Application.BitCoinMiner.MA (B) 20170517
ESET-NOD32 a variant of Linux/BitCoinMiner.Z potentially unsafe 20170517
F-Secure Application.BitCoinMiner.MA 20170517
GData Application.BitCoinMiner.MA 20170517
Ikarus PUA.Linux.Miner 20170517
Jiangmin RiskTool.Linux.aq 20170517
Kaspersky not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.e 20170517
McAfee Linux/CoinMiner 20170517
McAfee-GW-Edition Linux/CoinMiner 20170517
eScan Application.BitCoinMiner.MA 20170517
Sophos Yet Another Miner (PUA) 20170517
Symantec Trojan.Gen.NPE 20170517
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.e 20170517
AegisLab 20170517
Alibaba 20170517
ALYac 20170517
AVware 20170517
Baidu 20170503
Bkav 20170517
CAT-QuickHeal 20170517
CMC 20170517
Comodo 20170517
CrowdStrike Falcon (ML) 20170130
Endgame 20170515
F-Prot 20170517
Fortinet 20170517
Invincea 20170516
K7AntiVirus 20170517
K7GW 20170517
Kingsoft 20170517
Malwarebytes 20170517
Microsoft 20170517
NANO-Antivirus 20170517
nProtect 20170517
Palo Alto Networks (Known Signatures) 20170517
Panda 20170517
Qihoo-360 20170517
Rising 20170517
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170517
Symantec Mobile Insight 20170517
Tencent 20170517
TheHacker 20170516
TotalDefense 20170517
TrendMicro 20170517
TrendMicro-HouseCall 20170517
Trustlook 20170517
VBA32 20170517
VIPRE 20170517
ViRobot 20170517
Webroot 20170517
WhiteArmor 20170517
Yandex 20170517
Zillya 20170517
Zoner 20170517
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 5
Section headers 29
ELF sections
.note.ABI-tag
.note.gnu.build-id
.rela.plt
.init
.plt
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.init_array
.fini_array
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
ELF Segments
.note.ABI-tag
.note.gnu.build-id
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 64 bit
FileType ELF executable
ObjectFileType Executable file
CPUType AMD x86-64
File identification
MD5 400d0b70661cab491b7241a33a962e8c
SHA1 2e8ee8d295b5ab6e2fda63b80bdca8a247583ff5
SHA256 d9791f4dfd903bf3c7c5258ac4ae92df11fc37c3b1749e15f173c1aeb6fafb67
ssdeep 49152:s8K8FY7feJZWtE5vTAe9D6na9TqINexpKI8U9X/dgvAIJcjUh7FRDPPZTQ1o/6OJ:S8m7feJlNcLVevAIj7LEf
File size 3.7 MB ( 3876568 bytes )
File type ELF
Magic literal ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, for GNU/Linux 2.6.24, stripped
TrID ELF Executable and Linkable format (generic) (100.0%)
Tags 64bits elf
VirusTotal metadata
First submission 2016-06-08 02:17:17 UTC ( 11 months, 2 weeks ago )
Last submission 2017-04-20 21:43:29 UTC ( 1 month ago )
File names 1
yam345
t0mcat
lady
49cb3f2a7961b97e404d1d89a32f5c1cde4422eb2fedd8447e93153be18f474e
system
d9791f4dfd903bf3c7c5258ac4ae92df11fc37c3b1749e15f173c1aeb6fafb67.bin
output.109620390.txt
yam
AnXqV.yam
systemx
5tf-1478613950.txt
mysql
mpool
hzwk
systemscron
bash