× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 28d5f75e289d652061c754079b23ec372da2e8feb1066a3d57381163b614c06c
File name: kworker
Detection ratio: 29 / 57
Analysis date: 2017-04-20 20:51:09 UTC ( 3 months, 1 week ago ) View latest
Antivirus Result Update
Ad-Aware Application.Miner.S 20170420
AhnLab-V3 Linux/Miner.1217152 20170420
ALYac Misc.Riskware.BitCoinMiner.Linux 20170420
Arcabit Application.Miner.S 20170420
Avast Other:PUP-gen [PUP] 20170420
AVG Linux/Miner_c.DW 20170420
Avira (no cloud) SPR/LNX.BitCoinMiner.gzens 20170420
BitDefender Application.Miner.S 20170420
ClamAV Unix.Malware.Agent-1876744 20170420
Cyren ELF/Trojan.QOWS-9 20170420
DrWeb Tool.Linux.BtcMine.70 20170420
Emsisoft Application.Miner.S (B) 20170420
ESET-NOD32 a variant of Linux/BitCoinMiner.L potentially unsafe 20170420
F-Secure Application.Miner.S 20170420
GData Application.Miner.S 20170420
Jiangmin RiskTool.Linux.ai 20170420
Kaspersky not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.a 20170420
McAfee Linux/CoinMiner.a 20170420
McAfee-GW-Edition Linux/CoinMiner.a 20170420
eScan Application.Miner.S 20170420
NANO-Antivirus Riskware.BitCoinMiner.ejuarw 20170420
Panda Linux/Bitcoinminer 20170420
Qihoo-360 Win32/Virus.RiskTool.42d 20170420
Sophos AV Generic PUA JB (PUA) 20170420
Symantec Trojan.Gen.NPE 20170420
TrendMicro PUA_BitCoinMiner 20170420
TrendMicro-HouseCall PUA_BitCoinMiner 20170420
ViRobot Linux.S.Agent.1217152[h] 20170420
ZoneAlarm by Check Point not-a-virus:HEUR:RiskTool.Linux.BitCoinMiner.a 20170420
AegisLab 20170420
Alibaba 20170420
Antiy-AVL 20170420
AVware 20170420
Baidu 20170420
Bkav 20170420
CAT-QuickHeal 20170420
CMC 20170420
Comodo 20170420
CrowdStrike Falcon (ML) 20170420
Endgame 20170419
F-Prot 20170420
Fortinet 20170420
Ikarus 20170420
Sophos ML 20170413
K7AntiVirus 20170420
K7GW 20170420
Kingsoft 20170420
Malwarebytes 20170420
Microsoft 20170420
nProtect 20170420
Palo Alto Networks (Known Signatures) 20170420
Rising None
SentinelOne (Static ML) 20170330
SUPERAntiSpyware 20170420
Symantec Mobile Insight 20170420
Tencent 20170420
TheHacker 20170420
TotalDefense 20170420
Trustlook 20170420
VBA32 20170420
VIPRE 20170420
Webroot 20170420
WhiteArmor 20170409
Yandex 20170420
Zillya 20170418
Zoner 20170420
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

Compressed bundles
File identification
MD5 483b322b42835227d98f523f9df5c6fc
SHA1 91e71ca252d1ea759b53f821110d8f0ac11b4bff
SHA256 28d5f75e289d652061c754079b23ec372da2e8feb1066a3d57381163b614c06c
ssdeep
24576:sEX3yP0ghoMApslmzW2B2zMPpoOabQuq0+wn4d8OJjfaMRG:1tgvu4qyq0+w4fJjfw

File size 1.2 MB ( 1217152 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
64bits elf upx

VirusTotal metadata
First submission 2016-11-27 11:26:26 UTC ( 8 months ago )
Last submission 2017-07-21 06:48:31 UTC ( 1 week ago )
File names test1
syslogdaemon.old
cpux
cputest.jpg
syslog
rsyslog
systemd-logind
483b322b42835227d98f523f9df5c6fc.elf
agentx
malware
three.upx.elf
minerd.elf
Circle_MI.png
new_cs_go
agentdx
3
sys_update
kworker34
587b626883fdc.png
u
q_kworker34
kworker
c416a736c7a54ce0ab464c2b4058195f
cpuloadtest
test
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!