SHA256: e152fac675653c50fa2be1b37c12fea80ae1f02a237667151e9282edad6a9242
File name: minerd1876
Detection ratio: 5 / 52
Analysis date: 2014-11-25 18:55:20 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Avast ELF:BitCoinMiner-K [Tool] 20141125
DrWeb Tool.Linux.BtcMine.4 20141125
ESET-NOD32 Linux/BitCoinMiner.H 20141125
Kaspersky not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.a 20141125
Qihoo-360 Trojan.Generic 20141125
Ad-Aware 20141125
AegisLab 20141125
Yandex 20141124
AhnLab-V3 20141125
Antiy-AVL 20141125
AVG 20141125
Avira (no cloud) 20141125
AVware 20141121
Baidu-International 20141125
BitDefender 20141125
Bkav 20141120
ByteHero 20141125
CAT-QuickHeal 20141125
ClamAV 20141125
Comodo 20141125
Cyren 20141125
Emsisoft 20141125
F-Prot 20141125
F-Secure 20141125
Fortinet 20141125
GData 20141125
Ikarus 20141125
Jiangmin 20141124
K7AntiVirus 20141125
K7GW 20141125
Kingsoft 20141125
Malwarebytes 20141125
McAfee 20141125
McAfee-GW-Edition 20141125
Microsoft 20141125
eScan 20141125
NANO-Antivirus 20141125
Norman 20141125
nProtect 20141125
Panda 20141125
Rising 20141124
Sophos 20141125
SUPERAntiSpyware 20141125
Symantec 20141125
Tencent 20141125
TheHacker 20141124
TrendMicro-HouseCall 20141125
VBA32 20141125
VIPRE 20141125
ViRobot 20141125
Zillya 20141124
Zoner 20141125
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 8
Section headers 30
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.hash
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.init_array
.fini_array
.jcr
.data.rel.ro
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

FileAccessDate
2014:11:25 19:55:38+01:00

ObjectFileType
Executable file

CPUType
AMD x86-64

FileCreateDate
2014:11:25 19:55:38+01:00

Compressed bundles
File identification
MD5 007471071fb57f52e60c57cb7ecca6c9
SHA1 bf9fb5fd55958462326c76809b02af8e07d832a2
SHA256 e152fac675653c50fa2be1b37c12fea80ae1f02a237667151e9282edad6a9242
ssdeep
6144:Fukbqtw2pNaoas7tzDhBYzFj5LtoprOSIn9+3Cd070go/9hY+SUvCuUOF9/nXTBO:FX+ttNhJNDh+JJterfISj2r5F9/XTql

File size 583.4 KB ( 597440 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.26, stripped

TrID ELF Executable and Linkable format (Linux) (49.7%)
ELF Executable and Linkable format (generic) (49.4%)
Lumena CEL bitmap (0.7%)
Tags
64bits elf

VirusTotal metadata
First submission 2014-03-16 09:49:11 UTC ( 3 years ago )
Last submission 2014-11-25 18:55:20 UTC ( 2 years, 4 months ago )
File names minerd
minerd
minerd_x64
minerd1876