× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: ef6dcaf6f0f7d5d4ccabdbc9ddd4e99561ed6136ee96b7592f521245c2d349e8
File name: EF6DCAF6F0F7D5D4CCABDBC9DDD4E99561ED6136EE96B7592F521245C2D349E8
Detection ratio: 18 / 57
Analysis date: 2019-01-30 00:00:54 UTC ( 2 months, 3 weeks ago ) View latest
Antivirus Result Update
AhnLab-V3 Linux/Mirai.Gen3 20190129
Antiy-AVL Trojan[Backdoor]/Linux.Mirai.ba 20190129
Avast ELF:Mirai-HU [Trj] 20190129
Avast-Mobile ELF:Mirai-ID [Trj] 20190128
AVG ELF:Mirai-HU [Trj] 20190129
DrWeb Linux.Mirai.19 20190129
ESET-NOD32 a variant of Linux/Mirai.AT 20190129
Fortinet ELF/Mirai.AT!tr 20190129
GData Linux.Trojan.Mirai.J 20190129
Jiangmin Backdoor.Linux.bnql 20190129
Kaspersky HEUR:Backdoor.Linux.Mirai.ba 20190129
McAfee Linux/mirai.d 20190129
McAfee-GW-Edition Linux/mirai.d 20190129
Symantec Linux.Mirai 20190129
Tencent Backdoor.Linux.Mirai.vu 20190129
TrendMicro Possible_MIRAI.SMLBEM1 20190129
TrendMicro-HouseCall Possible_MIRAI.SMLBEM1 20190129
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Mirai.ba 20190129
Acronis 20190128
Ad-Aware 20190129
AegisLab 20190129
Alibaba 20180921
ALYac 20190129
Arcabit 20190129
Avira (no cloud) 20190129
Babable 20180917
Baidu 20190128
BitDefender 20190129
Bkav 20190129
CAT-QuickHeal 20190129
ClamAV 20190129
CMC 20190129
Comodo 20190129
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190129
Cyren 20190129
eGambit 20190129
Emsisoft 20190129
Endgame 20181108
F-Prot 20190129
F-Secure 20190129
Ikarus 20190129
Sophos ML 20181128
K7AntiVirus 20190129
K7GW 20190129
Kingsoft 20190129
Malwarebytes 20190129
MAX 20190129
Microsoft 20190129
eScan 20190129
NANO-Antivirus 20190129
Palo Alto Networks (Known Signatures) 20190129
Panda 20190129
Qihoo-360 20190129
Rising 20190129
SentinelOne (Static ML) 20190124
Sophos AV 20190129
SUPERAntiSpyware 20190123
TACHYON 20190128
TheHacker 20190129
TotalDefense 20190129
Trapmine 20190123
Trustlook 20190129
VBA32 20190129
ViRobot 20190129
Webroot 20190129
Yandex 20190128
Zillya 20190129
Zoner 20190128
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on <unknown> machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture <unknown>
Object file version 0x1
Program headers 3
Section headers 10
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.ctors
.dtors
.data
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
SuperH

File identification
MD5 b3e480bcc640c69814b46ef22fbb0974
SHA1 45328ac58ad246206d4bf9639a9f53768665fba4
SHA256 ef6dcaf6f0f7d5d4ccabdbc9ddd4e99561ed6136ee96b7592f521245c2d349e8
ssdeep
768:Fa+pKwt3G3V/IYFkePHz7FVDgramUatD/q4CHo21nCH:FasKwtWqgara9aV/q4zmnCH

File size 43.3 KB ( 44344 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Renesas SH, version 1 (SYSV), statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-01-30 00:00:54 UTC ( 2 months, 3 weeks ago )
Last submission 2019-01-30 00:00:54 UTC ( 2 months, 3 weeks ago )
File names hoho.sh4
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!