× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: fea7c396f754d0bdeceb5b12a89d4cf37ab1a95556a63111577ce86076f9ea86
File name: zbetcheckin_tracker_[cpu]
Detection ratio: 17 / 58
Analysis date: 2019-01-12 07:27:36 UTC ( 1 month, 1 week ago ) View latest
Antivirus Result Update
AhnLab-V3 Linux/Gafgyt.Gen27 20190111
Antiy-AVL Trojan[Backdoor]/Linux.Gafgyt.bj 20190111
Avast ELF:DDoS-S [Trj] 20190112
Avast-Mobile ELF:DDoS-S [Trj] 20190111
AVG ELF:DDoS-S [Trj] 20190112
Avira (no cloud) LINUX/Gafgyt.opnd 20190112
DrWeb Linux.BackDoor.Fgt.9 20190112
ESET-NOD32 a variant of Linux/Gafgyt.ANW 20190112
Fortinet ELF/Mirai.B!tr 20190112
Ikarus Trojan.Linux.Fgt 20190112
Jiangmin Backdoor.Linux.cfvv 20190112
Kaspersky HEUR:Backdoor.Linux.Gafgyt.bj 20190112
McAfee Linux/Backdoor-gen.a 20190112
McAfee-GW-Edition Linux/Backdoor-gen.a 20190112
TrendMicro Possible_BASHLITE.SMLBN1 20190112
TrendMicro-HouseCall Possible_BASHLITE.SMLBN1 20190112
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Gafgyt.bj 20190112
Acronis 20190111
Ad-Aware 20190112
AegisLab 20190112
Alibaba 20180921
ALYac 20190112
Arcabit 20190112
Babable 20180918
Baidu 20190111
BitDefender 20190112
Bkav 20190108
CAT-QuickHeal 20190111
ClamAV 20190112
CMC 20190111
Comodo 20190112
CrowdStrike Falcon (ML) 20181023
Cybereason 20190109
Cylance 20190112
Cyren 20190112
eGambit 20190112
Emsisoft 20190112
Endgame 20181108
F-Prot 20190112
F-Secure 20190111
GData 20190112
Sophos ML 20181128
K7AntiVirus 20190111
K7GW 20190112
Kingsoft 20190112
Malwarebytes 20190112
MAX 20190112
Microsoft 20190112
eScan 20190112
NANO-Antivirus 20190112
Palo Alto Networks (Known Signatures) 20190112
Panda 20190111
Qihoo-360 20190112
Rising 20190112
SentinelOne (Static ML) 20181223
Sophos AV 20190112
SUPERAntiSpyware 20190109
Symantec 20190112
TACHYON 20190112
Tencent 20190112
TheHacker 20190106
TotalDefense 20190111
Trapmine 20190103
Trustlook 20190112
VBA32 20190111
VIPRE 20190112
ViRobot 20190111
Webroot 20190112
Yandex 20190111
Zillya 20190111
Zoner 20190112
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 20
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 a507c283700ca74bc4ddd0fb4dfe0daa
SHA1 20ab25198750677e7f2ae15aa799956244fff2ae
SHA256 fea7c396f754d0bdeceb5b12a89d4cf37ab1a95556a63111577ce86076f9ea86
ssdeep
1536:v2G7IuzVxAf2I9K25Ux5O8KXQeYNWAvOhi2t1sSPnfRhtPTHl/mqzgrQxFWOBX8u:NIuDK5UeX0lOhiMPn5h5l/magrQxFxBJ

File size 95.1 KB ( 97414 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2019-01-12 07:27:36 UTC ( 1 month, 1 week ago )
Last submission 2019-01-25 07:19:34 UTC ( 4 weeks ago )
File names zbetcheckin_tracker_[cpu]
fea7c396f754d0bdeceb5b12a89d4cf37ab1a95556a63111577ce86076f9ea86
a507c283700ca74bc4ddd0fb4dfe0daa
[cpu]
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!