× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: da109c184abdeeb47ae97c6cfc42280f7d727b23d02dff95f49199d350832482
File name: zbetcheckin_tracker_openssh
Detection ratio: 31 / 58
Analysis date: 2019-01-04 07:36:47 UTC ( 1 month, 2 weeks ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
AhnLab-V3 Linux/Gafgyt.Gen11 20190104
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.b 20190104
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20190104
Avast ELF:DDoS-Y [Trj] 20190104
Avast-Mobile ELF:DDoS-S [Trj] 20190103
AVG ELF:DDoS-Y [Trj] 20190104
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
ClamAV Unix.Trojan.Gafgyt-1 20190104
DrWeb Linux.BackDoor.Fgt.11 20190104
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20190104
ESET-NOD32 a variant of Linux/Gafgyt.C 20190104
F-Secure Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
Fortinet ELF/Mirai.AE!tr 20190104
GData Linux.Trojan.Gafgyt.B 20190104
Ikarus Trojan.Linux.Gafgyt 20190104
Jiangmin Backdoor.Linux.tgo 20190104
Kaspersky HEUR:Backdoor.Linux.Gafgyt.b 20190104
MAX malware (ai score=85) 20190104
McAfee Linux/Gafgyt.h 20190104
McAfee-GW-Edition Linux/Gafgyt.h 20190104
Microsoft DDoS:Linux/Lightaidra 20190104
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20190104
Rising Trojan.Gafgyt/Linux!1.A480 (CLASSIC) 20190104
Sophos AV Linux/DDoS-BI 20190104
Symantec Linux.Gafgyt 20190104
Tencent Backdoor.Linux.Gafgyt.ye 20190104
TrendMicro Possible_BASHLITE.SMLBN1 20190104
TrendMicro-HouseCall Possible_BASHLITE.SMLBN1 20190104
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.b 20190104
Acronis 20181227
AegisLab 20190104
Alibaba 20180921
Avira (no cloud) 20190104
Babable 20180918
Baidu 20190104
Bkav 20190103
CAT-QuickHeal 20190103
CMC 20190103
Comodo 20190104
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190104
Cyren 20190104
eGambit 20190104
Endgame 20181108
F-Prot 20190104
Sophos ML 20181128
K7AntiVirus 20190104
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
NANO-Antivirus 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190103
Qihoo-360 20190104
SentinelOne (Static ML) 20181223
SUPERAntiSpyware 20190102
TACHYON 20190104
TheHacker 20181230
TotalDefense 20190103
Trapmine 20190103
Trustlook 20190104
VBA32 20181229
VIPRE 20190104
ViRobot 20190103
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on <unknown> machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture <unknown>
Object file version 0x1
Program headers 3
Section headers 16
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.got
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
SuperH

File identification
MD5 b88b386e2e7e2b48194923dfa2cf8aad
SHA1 21a99eb9c149f6f548d5a28965db7b026b575a54
SHA256 da109c184abdeeb47ae97c6cfc42280f7d727b23d02dff95f49199d350832482
ssdeep
3072:Reb/vxpTh5/EO+zhdhQPoCmko0x5FJgqmj:RezTHc5zhdsoCmko0x5FJgqmj

File size 118.8 KB ( 121639 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-01-04 07:36:47 UTC ( 1 month, 2 weeks ago )
Last submission 2019-02-14 08:55:15 UTC ( 1 week, 2 days ago )
File names da109c184abdeeb47ae97c6cfc42280f7d727b23d02dff95f49199d350832482
b88b386e2e7e2b48194923dfa2cf8aad
zbetcheckin_tracker_openssh
openssh
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!