× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: deb2135b80f86de4e0e6a55e243e28c728e39aad53d9df4e341ed5b192ba5708
File name: mal
Detection ratio: 18 / 60
Analysis date: 2019-04-15 17:00:52 UTC ( 1 month ago )
Antivirus Result Update
AhnLab-V3 Linux/Mirai.Gen10 20190415
Avast ELF:Mirai-BZ [Trj] 20190415
Avast-Mobile ELF:Mirai-FY [Trj] 20190415
AVG ELF:Mirai-BZ [Trj] 20190415
DrWeb Linux.Mirai.793 20190415
ESET-NOD32 a variant of Linux/Mirai.A 20190415
Fortinet ELF/Mirai.AT!tr 20190415
Ikarus Trojan.Linux.Mirai 20190415
Jiangmin Backdoor.Linux.cqhj 20190415
Kaspersky HEUR:Backdoor.Linux.Mirai.b 20190415
McAfee Linux/Mirai.f 20190415
McAfee-GW-Edition Linux/Mirai.f 20190415
Qihoo-360 virus.elf.mirai.c 20190415
SentinelOne (Static ML) DFI - Malicious ELF 20190407
Tencent Trojan.Linux.Mirai.cj 20190415
TrendMicro Possible_MIRAI.SMLBO2 20190415
TrendMicro-HouseCall Possible_MIRAI.SMLBO2 20190415
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.b 20190415
Acronis 20190415
Ad-Aware 20190415
AegisLab 20190415
Alibaba 20190401
ALYac 20190415
Antiy-AVL 20190415
Arcabit 20190415
Avira (no cloud) 20190415
Babable 20180918
Baidu 20190318
BitDefender 20190415
Bkav 20190412
CAT-QuickHeal 20190414
ClamAV 20190415
CMC 20190321
Comodo 20190415
CrowdStrike Falcon (ML) 20190212
Cybereason 20190403
Cylance 20190415
Cyren 20190415
eGambit 20190415
Emsisoft 20190415
Endgame 20190403
F-Prot 20190415
F-Secure 20190415
FireEye 20190415
GData 20190415
Sophos ML 20190313
K7AntiVirus 20190415
K7GW 20190415
Kingsoft 20190415
Malwarebytes 20190415
MAX 20190415
Microsoft 20190415
eScan 20190415
NANO-Antivirus 20190415
Palo Alto Networks (Known Signatures) 20190415
Panda 20190415
Rising 20190415
Sophos AV 20190415
SUPERAntiSpyware 20190410
Symantec 20190415
Symantec Mobile Insight 20190410
TACHYON 20190415
TheHacker 20190411
TotalDefense 20190413
Trapmine 20190325
Trustlook 20190415
VBA32 20190415
VIPRE 20190415
ViRobot 20190415
Webroot 20190415
Yandex 20190412
Zillya 20190415
Zoner 20190414
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 10
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.ctors
.dtors
.data
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 244ffd9f7df9388f02582c5a1d84b02a
SHA1 d308a76e9c9761dfe9ea2ca31cf960416fbc8b57
SHA256 deb2135b80f86de4e0e6a55e243e28c728e39aad53d9df4e341ed5b192ba5708
ssdeep
1536:IR99G7O9vwitb/XZz+aXtEgTTrbSSW7p/d6reFt6HuQ4d:q9G7O1witb/XZz+aXqCr+SWF/Qreb6OZ

File size 64.6 KB ( 66136 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2019-04-15 17:00:52 UTC ( 1 month ago )
Last submission 2019-04-15 17:00:52 UTC ( 1 month ago )
File names mal
loligang.x86
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!