× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0ab177a27a5d7b5a81cb9031b89412ba992895fe817749ed3fa1c6401c14dd6a
File name: 96bb6dcd6693309ca42db4737ac17271504f4dc5
Detection ratio: 6 / 54
Analysis date: 2014-08-25 20:59:21 UTC ( 4 years, 9 months ago ) View latest
Antivirus Result Update
Avast ELF:Flooder-BA [Trj] 20140825
DrWeb Linux.DDoS.6 20140825
Ikarus Backdoor.Linux.Mayday 20140825
Jiangmin Backdoor/Linux.jq 20140825
Kaspersky Backdoor.Linux.Mayday.g 20140825
Qihoo-360 Trojan.Generic 20140825
Ad-Aware 20140825
AegisLab 20140825
Yandex 20140825
AhnLab-V3 20140825
AntiVir 20140825
Antiy-AVL 20140825
AVG 20140825
AVware 20140825
Baidu-International 20140825
BitDefender 20140825
Bkav 20140821
ByteHero 20140825
CAT-QuickHeal 20140825
ClamAV 20140825
CMC 20140825
Commtouch 20140825
Comodo 20140825
Emsisoft 20140825
ESET-NOD32 20140825
F-Prot 20140825
F-Secure 20140825
Fortinet 20140825
GData 20140825
K7AntiVirus 20140825
K7GW 20140825
Kingsoft 20140825
Malwarebytes 20140825
McAfee 20140825
McAfee-GW-Edition 20140825
Microsoft 20140825
eScan 20140825
NANO-Antivirus 20140825
Norman 20140825
nProtect 20140825
Panda 20140825
Rising 20140825
Sophos AV 20140825
SUPERAntiSpyware 20140825
Symantec 20140825
TheHacker 20140822
TotalDefense 20140825
TrendMicro 20140825
TrendMicro-HouseCall 20140825
VBA32 20140825
VIPRE 20140825
ViRobot 20140825
Zillya 20140825
Zoner 20140822
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 ae6e53c1d137a3c2885110c72c9d829e
SHA1 7a2bc5e31de1085bb9aea6f4257bde7582ba28d2
SHA256 0ab177a27a5d7b5a81cb9031b89412ba992895fe817749ed3fa1c6401c14dd6a
ssdeep
24576:B56n8IpJUmVrCF0lSIxCWy68eNAhKyx3rqywOExbsEgeBy+AmBoUUhKEhxX:ByqmC0ljCresKeJExIE9v7wRz

File size 1.1 MB ( 1153640 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf upx

VirusTotal metadata
First submission 2014-08-24 13:43:02 UTC ( 4 years, 9 months ago )
Last submission 2018-10-09 18:56:39 UTC ( 7 months, 2 weeks ago )
File names EqD4qL.bmp
ry6IcKdG.xltx
14.17
7a2bc5e31de1085bb9aea6f4257bde7582ba28d2
14.17.BillGates
96bb6dcd6693309ca42db4737ac17271504f4dc5
ae6e53c1d137a3c2885110c72c9d829e
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!