SHA256: f2ac17d16b58cac2aa4eadf06aee578f27635f643501a2c33002ef852e0d0a7d
File name: zbetcheckin_tracker_sshd
Detection ratio: 15 / 57
Analysis date: 2019-01-04 07:21:12 UTC ( 3 months, 3 weeks ago )
Antivirus Result Update
AhnLab-V3 Linux/Gafgyt.Gen23 20190104
Avast ELF:DDoS-Y [Trj] 20190104
Avast-Mobile ELF:DDoS-S [Trj] 20190103
AVG ELF:DDoS-Y [Trj] 20190104
DrWeb Linux.BackDoor.Fgt.192 20190104
ESET-NOD32 a variant of Linux/Gafgyt.ANI 20190104
Fortinet ELF/Mirai.AE!tr 20190104
GData Linux.Trojan.Gafgyt.A 20190104
Ikarus Trojan.Linux.Tsunami 20190104
Jiangmin Backdoor.Linux.blho 20190104
Kaspersky HEUR:Backdoor.Linux.Gafgyt.av 20190104
McAfee Linux/Gafgyt.h 20190104
McAfee-GW-Edition Linux/Gafgyt.h 20190104
Tencent Trojan.Linux.Gafgyt.bbaa 20190104
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.av 20190104
Acronis 20181227
Ad-Aware 20190104
AegisLab 20190104
Alibaba 20180921
ALYac 20190104
Antiy-AVL 20190104
Arcabit 20190104
Avira (no cloud) 20190104
Babable 20180918
Baidu 20190104
BitDefender 20190104
Bkav 20190103
CAT-QuickHeal 20190103
ClamAV 20190104
CMC 20190103
Comodo 20190104
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190104
Cyren 20190104
eGambit 20190104
Emsisoft 20190104
Endgame 20181108
F-Prot 20190104
F-Secure 20190104
Sophos ML 20181128
K7AntiVirus 20190103
K7GW 20190104
Kingsoft 20190104
Malwarebytes 20190104
MAX 20190104
Microsoft 20190104
eScan 20190104
NANO-Antivirus 20190104
Palo Alto Networks (Known Signatures) 20190104
Panda 20190103
Qihoo-360 20190104
Rising 20190104
SentinelOne (Static ML) 20181223
Sophos AV 20190104
SUPERAntiSpyware 20190102
Symantec 20190104
TACHYON 20190104
TheHacker 20181230
TotalDefense 20190103
Trapmine 20190103
TrendMicro 20190104
TrendMicro-HouseCall 20190104
Trustlook 20190104
VBA32 20181229
ViRobot 20190103
Webroot 20190104
Yandex 20181229
Zillya 20190103
Zoner 20190104
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on MIPS R3000 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture MIPS R3000
Object file version 0x1
Program headers 4
Section headers 20
ELF sections
ELF Segments
.reginfo
.reginfo
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.got
.sbss
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType MIPS R3000

File identification
MD5 24727b9bb7ca2ddfd3f6e97759853679
SHA1 68fb03d5459f4afe15021f5d49318c83b3df8e2f
SHA256 f2ac17d16b58cac2aa4eadf06aee578f27635f643501a2c33002ef852e0d0a7d
ssdeep 3072:fiuCG/tUFCWetJ8au49Quhs5Ae+uxY/U1Rxwje+1u9tuz/:fllU5etJ8au4lgqMY/U1Rxwje+1u9tuL

File size 153.5 KB ( 157203 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags elf

VirusTotal metadata
First submission 2019-01-04 07:21:12 UTC ( 3 months, 3 weeks ago )
Last submission 2019-02-14 08:52:23 UTC ( 2 months, 1 week ago )
File names f2ac17d16b58cac2aa4eadf06aee578f27635f643501a2c33002ef852e0d0a7d
sshd
24727b9bb7ca2ddfd3f6e97759853679
zbetcheckin_tracker_sshd