SHA256: 067fbb577a6fe90c8135cc7ba00eebec7fb1b94f350d4026fe48654d286f1587
File name: sudp.Elf.BillGates.DDoS
Detection ratio: 20 / 55
Analysis date: 2015-07-01 05:09:40 UTC ( 3 years, 9 months ago )
Antivirus Result Update
AhnLab-V3 Linux/Backdoor.1223123.B 20150630
Antiy-AVL Trojan/Generic.ASELF.728 20150701
Avast ELF:Elknot-AS [Trj] 20150701
AVG Linux/BackDoor_c.CL 20150701
CAT-QuickHeal Linux.DnsAmp.a586 20150630
ClamAV Linux.Trojan.Agent 20150701
DrWeb Linux.BackDoor.Gates.9 20150701
ESET-NOD32 Linux/Setag.B.Gen 20150630
Fortinet ELF/Ganiw.A!tr 20150701
GData Linux.Trojan.Siggen.D 20150701
Ikarus Trojan.Linux.Agent 20150701
Jiangmin Backdoor/Linux.km 20150630
Kaspersky HEUR:Backdoor.Linux.Ganiw.a 20150701
Microsoft Backdoor:Linux/Setag.C 20150701
NANO-Antivirus Trojan.Unix.Ganiw.ditcrf 20150630
Qihoo-360 Trojan.Generic 20150701
Rising NORMAL:Backdoor.Linux.Flood.a!1616113 20150630
Sophos AV Linux/DDoS-BD 20150701
Symantec Linux.Chikdos.B!gen2 20150701
Zillya Trojan.Agent.Linux.12 20150630
Ad-Aware 20150701
AegisLab 20150701
Yandex 20150630
Alibaba 20150630
ALYac 20150630
Arcabit 20150630
Avira (no cloud) 20150630
AVware 20150701
Baidu-International 20150630
BitDefender 20150701
Bkav 20150630
ByteHero 20150701
Comodo 20150701
Cyren 20150701
Emsisoft 20150701
F-Prot 20150701
F-Secure 20150701
K7AntiVirus 20150630
K7GW 20150701
Kingsoft 20150701
Malwarebytes 20150701
McAfee 20150701
McAfee-GW-Edition 20150630
eScan 20150701
nProtect 20150630
Panda 20150630
SUPERAntiSpyware 20150701
Tencent 20150701
TheHacker 20150701
TrendMicro 20150701
TrendMicro-HouseCall 20150701
VBA32 20150630
VIPRE 20150701
ViRobot 20150701
Zoner 20150701
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 84d431618cbbbf56fe0cc3d34f62a655
SHA1 db16dfdb8eecc0db6f6c009f98702be43abe40c2
SHA256 067fbb577a6fe90c8135cc7ba00eebec7fb1b94f350d4026fe48654d286f1587
ssdeep 24576:e845rGHu6gVJKG75oFpA0VWeX4A2y1q2rJp0:745vRVJKGtSA0VWeo3u9p0
File size 1.2 MB ( 1223123 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf
VirusTotal metadata
First submission 2015-06-26 19:49:47 UTC ( 3 years, 9 months ago )
Last submission 2018-05-19 01:01:05 UTC ( 11 months, 1 week ago )
File names 067fbb577a6fe90c8135cc7ba00eebec7fb1b94f350d4026fe48654d286f1587-1223123
China.Z-ligf
84d431618cbbbf56fe0cc3d34f62a655.data
067fbb577a6fe90c8135cc7ba00eebec7fb1b94f350d4026fe48654d286f1587.log
sudp
sudp.Elf.BillGates.DDoS