| SHA256: | 1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6 |
| File name: | EXr.pdf |
| Detection ratio: | 3 / 50 |
| Analysis date: | 2014-02-16 02:26:31 UTC ( 5 years, 2 months ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| ESET-NOD32 | probably a variant of Linux/Themoon.A.Gen | 20140215 |
| Kaspersky | Worm.Linux.TheMoon.a | 20140216 |
| Symantec | Trojan Horse | 20140216 |
| Ad-Aware | 20140216 | |
| Yandex | 20140215 | |
| AhnLab-V3 | 20140215 | |
| AntiVir | 20140215 | |
| Antiy-AVL | 20140216 | |
| Avast | 20140216 | |
| AVG | 20140215 | |
| Baidu-International | 20140215 | |
| BitDefender | 20140216 | |
| Bkav | 20140214 | |
| ByteHero | 20140216 | |
| CAT-QuickHeal | 20140215 | |
| ClamAV | 20140215 | |
| CMC | 20140213 | |
| Commtouch | 20140215 | |
| Comodo | 20140215 | |
| DrWeb | 20140216 | |
| Emsisoft | 20140216 | |
| F-Prot | 20140215 | |
| F-Secure | 20140216 | |
| Fortinet | 20140216 | |
| GData | 20140216 | |
| Ikarus | 20140215 | |
| Jiangmin | 20140215 | |
| K7AntiVirus | 20140214 | |
| K7GW | 20140214 | |
| Kingsoft | 20140216 | |
| Malwarebytes | 20140216 | |
| McAfee | 20140216 | |
| McAfee-GW-Edition | 20140216 | |
| Microsoft | 20140216 | |
| eScan | 20140216 | |
| NANO-Antivirus | 20140216 | |
| Norman | 20140215 | |
| nProtect | 20140214 | |
| Panda | 20140215 | |
| Qihoo-360 | 20140216 | |
| Rising | 20140215 | |
| Sophos AV | 20140215 | |
| SUPERAntiSpyware | 20140215 | |
| TheHacker | 20140214 | |
| TotalDefense | 20140215 | |
| TrendMicro | 20140215 | |
| TrendMicro-HouseCall | 20140215 | |
| VBA32 | 20140214 | |
| VIPRE | 20140216 | |
| ViRobot | 20140215 |
The file being studied is an ELF!
More specifically, it is a EXEC (Executable file) ELF
for Unix systems running on MIPS R3000 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture MIPS R3000
Object file version 0x1
Program headers 4
Section headers 20
ELF sections
ELF Segments
ExifTool file metadata
MIMEType
application/octet-stream
CPUByteOrder
Little endian
CPUArchitecture
32 bit
FileType
ELF executable
ObjectFileType
Executable file
CPUType
MIPS R3000
Compressed bundles
File identification
MD5 88a5c5f9c5de5ba612ec96682d61c7bb
SHA1 d2538c13cb2c6fdb1aa26278ba6e7dd9b3837364
SHA256 1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6
ssdeep
24576:trbshnECYt0G1Y1SV43kBdvQkRobNW7yHSwmgpJRSMLIdP7DTuw64R4STd+:t3SOH6RudPvT564RX4
File size
2.3 MB ( 2415129 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped
| TrID |
ELF Executable and Linkable format (generic) (100.0%) |
Tags
elf
VirusTotal metadata
First submission
2014-02-15 03:24:39 UTC ( 5 years, 2 months ago )
Last submission
2016-01-24 12:20:13 UTC ( 3 years, 2 months ago )
| File names |
themoon vti-rescan EXr.pdf 1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6 d2538c13cb2c6fdb1aa26278ba6e7dd9b3837364 |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!