× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 13e2554f5ee377e9fe376176f84a49f8ecbfc46c17fed80397982a68683067bf
File name: apache2
Detection ratio: 20 / 54
Analysis date: 2016-10-03 18:42:23 UTC ( 2 years, 6 months ago ) View latest
Antivirus Result Update
Ad-Aware Gen:Variant.Backdoor.Linux.Gafgyt.1 20161003
ALYac Gen:Variant.Backdoor.Linux.Gafgyt.1 20160930
Arcabit Trojan.Backdoor.Linux.Gafgyt.1 20161003
Avast ELF:Gafgyt-D [Trj] 20161003
AVG Linux/Fgt 20161003
BitDefender Gen:Variant.Backdoor.Linux.Gafgyt.1 20161003
DrWeb Linux.BackDoor.Fgt.9 20161003
Emsisoft Gen:Variant.Backdoor.Linux.Gafgyt.1 (B) 20161003
ESET-NOD32 a variant of Linux/Gafgyt.C 20161003
F-Secure Gen:Variant.Backdoor.Linux.Gafgyt.1 20161003
Fortinet Linux/Gafgyt.B!tr 20161003
GData Gen:Variant.Backdoor.Linux.Gafgyt.1 20161003
Ikarus Trojan.Linux.Gafgyt 20161003
Kaspersky HEUR:Backdoor.Linux.Gafgyt.b 20161003
Microsoft DDoS:Linux/Lightaidra 20161003
eScan Gen:Variant.Backdoor.Linux.Gafgyt.1 20161003
Rising Trojan.Gafgyt/Linux!1.A480 (classic) 20161003
Sophos AV Linux/DDoS-BI 20161003
TrendMicro ELF_BASHLITE.SM 20161003
TrendMicro-HouseCall ELF_BASHLITE.SM 20161003
AegisLab 20161003
AhnLab-V3 20161003
Alibaba 20161003
Antiy-AVL 20161003
Avira (no cloud) 20161003
AVware 20161003
Baidu 20161001
Bkav 20161003
CAT-QuickHeal 20161003
ClamAV 20161003
CMC 20161003
Comodo 20161003
CrowdStrike Falcon (ML) 20160725
Cyren 20161003
F-Prot 20161003
Sophos ML 20160928
Jiangmin 20161003
K7AntiVirus 20161003
K7GW 20161003
Kingsoft 20161003
Malwarebytes 20161003
McAfee 20161003
McAfee-GW-Edition 20161003
NANO-Antivirus 20161003
nProtect 20161003
Panda 20161002
Qihoo-360 20161003
SUPERAntiSpyware 20161003
Symantec 20161003
Tencent 20161003
TheHacker 20161001
VBA32 20161003
VIPRE 20161003
ViRobot 20161003
Yandex 20161002
Zillya 20161003
Zoner 20161003
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on ARM machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI ARM
ABI version 0
Object file type EXEC (Executable file)
Required architecture ARM
Object file version 0x1
Program headers 3
Section headers 20
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data
.bss
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
Unknown (40)

File identification
MD5 2dc754d1a5b68dc34a855190e66fec04
SHA1 bf56d7a0ee5c45ffe7bb1e51f7d2c20d09cecf76
SHA256 13e2554f5ee377e9fe376176f84a49f8ecbfc46c17fed80397982a68683067bf
ssdeep
3072:xX9o/ejVn4TWradnhLKubWqvt2GXP80CQOBwgpRldxNlhQK4hXBIyuum5EqQudd2:xxQntBIydm5EqQudd4Qik2

File size 112.5 KB ( 115175 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, ARM, version 1, statically linked, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2016-10-03 18:42:23 UTC ( 2 years, 6 months ago )
Last submission 2018-01-10 08:22:53 UTC ( 1 year, 3 months ago )
File names apache2
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!