SHA256: 28d5f75e289d652061c754079b23ec372da2e8feb1066a3d57381163b614c06c
File name: 274
Detection ratio: 31 / 58
Analysis date: 2018-01-18 12:41:31 UTC ( 2 hours, 55 minutes ago )
Antivirus Result Update
Ad-Aware Application.Miner.S 20180118
AhnLab-V3 Linux/Miner.1217152 20180118
ALYac Misc.Riskware.BitCoinMiner.Linux 20180118
Arcabit Application.Miner.S 20180118
Avast Other:PUP-gen [PUP] 20180118
AVG Other:PUP-gen [PUP] 20180118
Avira (no cloud) SPR/LNX.BitCoinMiner.gzens 20180118
BitDefender Application.Miner.S 20180118
CAT-QuickHeal ELF.Miner.A.GC 20180118
ClamAV Unix.Malware.Agent-1876744 20180118
Cyren ELF/Trojan.QOWS-9 20180118
DrWeb Tool.Linux.BtcMine.70 20180118
Emsisoft Application.Miner.S (B) 20180118
ESET-NOD32 a variant of Linux/BitCoinMiner.L potentially unsafe 20180118
GData Application.Miner.S 20180118
Jiangmin RiskTool.Linux.ai 20180118
Kaspersky not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.a 20180118
MAX malware (ai score=97) 20180118
McAfee Linux/CoinMiner.a 20180118
McAfee-GW-Edition Linux/CoinMiner.a 20180118
eScan Application.Miner.S 20180118
NANO-Antivirus Riskware.BitCoinMiner.ejuarw 20180118
Panda Linux/Bitcoinminer 20180117
Qihoo-360 Win32/Virus.RiskTool.42d 20180118
Rising Trojan.BitCoinMiner/Linux!1.AEFF (CLASSIC) 20180118
Sophos AV Linux/BitCoin-B 20180118
Symantec Trojan.Gen.NPE 20180118
TrendMicro PUA_BitCoinMiner 20180118
TrendMicro-HouseCall PUA_BitCoinMiner 20180118
ViRobot Linux.S.Agent.1217152 20180118
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.a 20180118
AegisLab 20180118
Alibaba 20180118
Antiy-AVL 20180118
Avast-Mobile 20180117
AVware 20180103
Baidu 20180118
Bkav 20180118
CMC 20180116
Comodo 20180118
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20180118
eGambit 20180118
Endgame 20171130
F-Prot 20180118
Fortinet 20180118
Ikarus 20180118
Sophos ML 20170914
K7AntiVirus 20180118
K7GW 20180118
Kingsoft 20180118
Malwarebytes 20180118
Microsoft 20180118
nProtect 20180118
Palo Alto Networks (Known Signatures) 20180118
SentinelOne (Static ML) 20180115
SUPERAntiSpyware 20180118
Symantec Mobile Insight 20180118
Tencent 20180118
TheHacker 20180115
TotalDefense 20180118
Trustlook 20180118
VBA32 20180118
VIPRE 20180118
Webroot 20180118
Yandex 20180112
Zillya 20180117
Zoner 20180118
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 64 bit
FileType ELF executable
ObjectFileType Executable file
CPUType AMD x86-64

File identification
MD5 483b322b42835227d98f523f9df5c6fc
SHA1 91e71ca252d1ea759b53f821110d8f0ac11b4bff
SHA256 28d5f75e289d652061c754079b23ec372da2e8feb1066a3d57381163b614c06c
ssdeep 24576:sEX3yP0ghoMApslmzW2B2zMPpoOabQuq0+wn4d8OJjfaMRG:1tgvu4qyq0+w4fJjfw

File size 1.2 MB ( 1217152 bytes )
File type ELF
Magic literal ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags 64bits elf upx

VirusTotal metadata
First submission 2016-11-27 11:26:26 UTC ( 1 year, 1 month ago )
Last submission 2018-01-18 12:41:31 UTC ( 2 hours, 55 minutes ago )
File names test1
syslogdaemon.old
rsyslog
cpux
people
cputest.jpg
syslog
output.112621639.txt
systemd-logind
three.upx.elf
u
agentx
malware
minerd.elf
Circle_MI.png
new_cs_go
agentdx
3
sys_update
kworker34
output.112487909.txt
587b626883fdc.png
Carbon
q_kworker34
kworker