× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 0f8f535318eae24b39f8bee9b57f1a139b7fc3f77280e88a54a63cda7d94159f
File name: xmapp
Detection ratio: 33 / 56
Analysis date: 2016-09-01 07:28:36 UTC ( 2 years, 4 months ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.Linux.A 20160901
AegisLab Backdoor.Linux.Ganiw!c 20160901
AhnLab-V3 Linux/Backdoor.1223123.B 20160901
ALYac Trojan.Agent.Linux.A 20160901
Arcabit Trojan.Agent.Linux.A 20160901
Avast ELF:Elknot-AE [Trj] 20160901
AVG Linux/BackDoor_c.CL 20160831
Avira (no cloud) LINUX/Setag.wmqj 20160901
BitDefender Trojan.Agent.Linux.A 20160901
CAT-QuickHeal Backdoor.Linux.Setag.E 20160831
ClamAV Unix.Trojan.Agent-37008 20160901
Cyren ELF/Trojan.XXEU-0 20160901
DrWeb Linux.BackDoor.Gates.9 20160901
Emsisoft Trojan.Agent.Linux.A (B) 20160901
ESET-NOD32 Linux/Setag.B.Gen 20160901
F-Secure Trojan.Agent.Linux.A 20160901
Fortinet ELF/Ganiw.A!tr 20160901
GData Trojan.Agent.Linux.A 20160901
Ikarus Trojan.Linux.Setag 20160831
Jiangmin Backdoor/Linux.io 20160901
Kaspersky HEUR:Backdoor.Linux.Ganiw.d 20160901
McAfee Linux/Gates 20160901
McAfee-GW-Edition Linux/Gates 20160901
Microsoft Backdoor:Linux/Setag!rfn 20160901
eScan Trojan.Agent.Linux.A 20160901
NANO-Antivirus Trojan.Unix.Ganiw.ditcrf 20160901
Qihoo-360 virus.elf.ddos.f 20160901
Rising Backdoor.Setag/Linux!1.A3E5 (classic) 20160901
Sophos AV Linux/DDoS-BD 20160901
Symantec Linux.Chikdos.B!gen2 20160901
Tencent Linux.Backdoor.Ganiw.Sxef 20160901
TrendMicro-HouseCall Linux_SETAG.SM 20160901
Zillya Trojan.Agent.Linux.12 20160901
Alibaba 20160901
Antiy-AVL 20160901
AVware 20160901
Baidu 20160901
Bkav 20160831
CMC 20160830
Comodo 20160901
F-Prot 20160901
K7AntiVirus 20160901
K7GW 20160901
Kingsoft 20160901
Malwarebytes 20160901
nProtect 20160901
Panda 20160831
SUPERAntiSpyware 20160831
TheHacker 20160829
TotalDefense 20160901
TrendMicro 20160901
VBA32 20160831
VIPRE 20160831
ViRobot 20160901
Yandex 20160831
Zoner 20160901
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

PCAP parents
File identification
MD5 c5593d522903e15a7ef02323543db14c
SHA1 c65a4dd82ba24f95fb095795791648f919c0773e
SHA256 0f8f535318eae24b39f8bee9b57f1a139b7fc3f77280e88a54a63cda7d94159f
ssdeep
24576:e845rGHu6gVJKG75oFpA0VWeX4A2y1q2rJp0:745vRVJKGtSA0VWeo3u9p0

File size 1.2 MB ( 1223123 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2016-08-05 03:36:56 UTC ( 2 years, 5 months ago )
Last submission 2016-08-05 03:36:56 UTC ( 2 years, 5 months ago )
File names xmapp
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!