SHA256: 8b929fa993b6eb2bb37281fd265c19c862c4124c770e7c99ce5997a667d0e11b
File name: pty
Detection ratio: 28 / 57
Analysis date: 2016-06-29 05:34:57 UTC ( 1 year, 5 months ago )
Antivirus Result Update
Ad-Aware Backdoor.Linux.Tsunami.ET 20160629
AegisLab Backdoor.Linux.Tsunami!c 20160628
ALYac Backdoor.Linux.Tsunami.ET 20160629
Avast ELF:Tsunami-DO [Trj] 20160629
AVG Linux/Tsunami.CY 20160628
Avira (no cloud) LINUX/Tsunami.ymow 20160628
BitDefender Backdoor.Linux.Tsunami.ET 20160629
ClamAV Unix.Malware.Agent-1395035 20160629
Comodo UnclassifiedMalware 20160629
DrWeb Linux.BackDoor.Tsunami.329 20160629
Emsisoft Backdoor.Linux.Tsunami.ET (B) 20160629
ESET-NOD32 Linux/Tsunami.NGZ 20160629
F-Secure Backdoor.Linux.Tsunami.ET 20160629
Fortinet Malware_Generic.P0 20160629
GData Backdoor.Linux.Tsunami.ET 20160629
Ikarus Trojan.Linux.Tsunami 20160628
K7AntiVirus Trojan ( 0001140e1 ) 20160628
K7GW Trojan ( 0001140e1 ) 20160629
Kaspersky HEUR:Backdoor.Linux.Tsunami.bq 20160628
eScan Backdoor.Linux.Tsunami.ET 20160629
nProtect Backdoor.Linux.Tsunami.ET 20160628
Qihoo-360 Win32/Backdoor.aa7 20160629
Sophos AV Linux/Tsunami-A 20160629
Symantec Linux.Kaiten 20160629
Tencent Linux.Backdoor.Tsunami.Efar 20160629
TrendMicro ELF_IRCBOT.TNI 20160629
TrendMicro-HouseCall ELF_IRCBOT.TNI 20160629
Zillya Backdoor.Tsunami.Linux.110 20160627
AhnLab-V3 20160628
Alibaba 20160629
Antiy-AVL 20160629
Arcabit 20160629
AVware 20160629
Baidu 20160628
Baidu-International 20160614
Bkav 20160628
CAT-QuickHeal 20160628
CMC 20160627
Cyren 20160629
F-Prot 20160629
Jiangmin 20160629
Kingsoft 20160629
Malwarebytes 20160629
McAfee 20160629
McAfee-GW-Edition 20160629
Microsoft 20160629
NANO-Antivirus 20160629
Panda 20160628
SUPERAntiSpyware 20160629
TheHacker 20160628
TotalDefense 20160628
VBA32 20160627
VIPRE 20160629
ViRobot 20160629
Yandex 20160626
Zoner 20160629
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 2
Section headers 0
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386

File identification
MD5 fa856be9e8018c3a7d4d2351398192d8
SHA1 2bb922f78643a91cf4983482fd2f85d25f1a7073
SHA256 8b929fa993b6eb2bb37281fd265c19c862c4124c770e7c99ce5997a667d0e11b
ssdeep 768:0g8NC9SEia11gVCLI++yrmO2pSEVChObouBkvYwxE3RSinbcuyD7UncG/Hpa0kTb:0g8NC9SENHLIdkmO2pSRhPuBkvYr3Mim

File size 40.8 KB ( 41800 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2016-04-02 14:42:25 UTC ( 1 year, 8 months ago )
Last submission 2016-05-18 06:56:42 UTC ( 1 year, 7 months ago )
File names pty.old
YKOX.xltx
d545ea49b39ff4dcebd99d8ef91ccc8a14d4cc3c
zGmi.chm
pty