× Cookies sind ausgeschaltet! Diese Seite erfordert aktivierte Cookies, um vollständig zu funktionieren.
SHA256: 4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea
Dateiname: npc
Erkennungsrate: 30 / 56
Analyse-Datum: 2015-02-07 21:07:20 UTC ( vor 4 Jahre, 1 Monat ) Zeige Neueste
Antivirus Ergebnis Aktualisierung
Ad-Aware Linux.Backdoor.I 20150207
AhnLab-V3 Linux/Backdoor.1135000 20150207
ALYac Linux.Backdoor.I 20150207
Avast ELF:Elknot-AS [Trj] 20150206
AVG Linux/BackDoor_c.CK 20150207
BitDefender Linux.Backdoor.I 20150207
CAT-QuickHeal Linux.Ganiw.a50a 20150205
Comodo UnclassifiedMalware 20150207
Cyren ELF/Trojan.TBDN-9 20150207
DrWeb Linux.BackDoor.Gates.6 20150207
Emsisoft Linux.Backdoor.I (B) 20150207
ESET-NOD32 Linux/Agent.I.Gen 20150207
F-Secure Linux.Backdoor.I 20150207
Fortinet ELF/Agent.IGE!tr 20150207
GData Linux.Backdoor.I 20150207
Ikarus Trojan.Linux.Agent 20150207
Kaspersky HEUR:Backdoor.Linux.Ganiw.a 20150207
McAfee Linux/Agent.A 20150207
McAfee-GW-Edition Linux/Agent.A 20150207
Microsoft Backdoor:Linux/Setag.A 20150207
eScan Linux.Backdoor.I 20150207
NANO-Antivirus Trojan.Unix.Ganiw.dirahp 20150207
Norman Agent.BFMFV 20150207
nProtect Linux.Backdoor.I 20150206
Qihoo-360 Trojan.Generic 20150207
Sophos AV Linux/DDoS-BD 20150207
Symantec Trojan.Chikdos.B!gen2 20150207
Tencent Linux.Backdoor.Backdoor.Fil 20150207
TrendMicro-HouseCall Suspicious_GEN.F47V1207 20150207
Zillya Downloader.OpenConnection.JS.100251 20150206
AegisLab 20150207
Yandex 20150207
Alibaba 20150207
Antiy-AVL 20150207
Avira (no cloud) 20150207
AVware 20150207
Baidu-International 20150207
Bkav 20150207
ByteHero 20150207
ClamAV 20150207
CMC 20150205
F-Prot 20150207
K7AntiVirus 20150207
K7GW 20150207
Kingsoft 20150207
Malwarebytes 20150207
Panda 20150207
Rising 20150207
SUPERAntiSpyware 20150207
TheHacker 20150206
TotalDefense 20150207
TrendMicro 20150207
VBA32 20150206
VIPRE 20150207
ViRobot 20150207
Zoner 20150206
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 0c2fced6cd1b58dc85669dae1736a19e
SHA1 775a3e0e4c5e0b53c7adf2e81ab13b0994338e0a
SHA256 4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea
ssdeep
24576:4vRE7caCfKGPqVEDNLFxKsfaoI+gIGYuuCol7r:4vREKfPqVE5jKsfaoRHGVo7r

File size 1.1 MB ( 1135000 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf via-tor

VirusTotal metadata
First submission 2014-12-07 02:45:21 UTC ( vor 4 Jahre, 3 Monate )
Last submission 2017-04-04 07:03:48 UTC ( vor 1 Jahr, 11 Monate )
Dateinamen 20150201072119_http___103_39_77_175_8080_npc
20150527012748_http___111_73_45_231_280_npc
agent
VirusShare_0c2fced6cd1b58dc85669dae1736a19e
20150623152156_http___111_73_46_231_280_npc
20141206234547_http___122_224_55_86_8080_npc
npc
4GDB_qgMH.vbs
eJ207.xlsb
4fb50087fd3ecf8590b34a6ef40bdc227caee4314f480a4b01abab01c3e805ea
Keine Kommentare. Bisher hat kein Mitglied der VirusTotal-Community einen Kommentar zu diesem Punkt verfasst, seien Sie der Erste!

Hinterlassen Sie Ihren Kommentar...

?
Kommentar abschicken

Sie sind nicht angemeldet. Nur registrierte Nutzer können Kommentare hinterlassen, melden Sie sich an und sagen Sie etwas dazu!

Keine Bewertungen. Niemand hat diesen Punkt bisher bewertet, seien Sie der Erste!