× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6
File name: EXr.pdf
Detection ratio: 3 / 50
Analysis date: 2014-02-16 02:26:31 UTC ( 5 years ago ) View latest
Antivirus Result Update
ESET-NOD32 probably a variant of Linux/Themoon.A.Gen 20140215
Kaspersky Worm.Linux.TheMoon.a 20140216
Symantec Trojan Horse 20140216
Ad-Aware 20140216
Yandex 20140215
AhnLab-V3 20140215
AntiVir 20140215
Antiy-AVL 20140216
Avast 20140216
AVG 20140215
Baidu-International 20140215
BitDefender 20140216
Bkav 20140214
ByteHero 20140216
CAT-QuickHeal 20140215
ClamAV 20140215
CMC 20140213
Commtouch 20140215
Comodo 20140215
DrWeb 20140216
Emsisoft 20140216
F-Prot 20140215
F-Secure 20140216
Fortinet 20140216
GData 20140216
Ikarus 20140215
Jiangmin 20140215
K7AntiVirus 20140214
K7GW 20140214
Kingsoft 20140216
Malwarebytes 20140216
McAfee 20140216
McAfee-GW-Edition 20140216
Microsoft 20140216
eScan 20140216
NANO-Antivirus 20140216
Norman 20140215
nProtect 20140214
Panda 20140215
Qihoo-360 20140216
Rising 20140215
Sophos AV 20140215
SUPERAntiSpyware 20140215
TheHacker 20140214
TotalDefense 20140215
TrendMicro 20140215
TrendMicro-HouseCall 20140215
VBA32 20140214
VIPRE 20140216
ViRobot 20140215
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on MIPS R3000 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture MIPS R3000
Object file version 0x1
Program headers 4
Section headers 20
ELF sections
ELF Segments
.reginfo
.reginfo
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.data.rel.ro
.data
.got
.sdata
.sbss
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
MIPS R3000

Compressed bundles
File identification
MD5 88a5c5f9c5de5ba612ec96682d61c7bb
SHA1 d2538c13cb2c6fdb1aa26278ba6e7dd9b3837364
SHA256 1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6
ssdeep
24576:trbshnECYt0G1Y1SV43kBdvQkRobNW7yHSwmgpJRSMLIdP7DTuw64R4STd+:t3SOH6RudPvT564RX4

File size 2.3 MB ( 2415129 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2014-02-15 03:24:39 UTC ( 5 years ago )
Last submission 2016-01-24 12:20:13 UTC ( 3 years ago )
File names themoon
vti-rescan
EXr.pdf
1ef6b45a2e5e6b547df2f5672bf48ebfd2720ffa8eed308010fb90f6fd8d79b6
d2538c13cb2c6fdb1aa26278ba6e7dd9b3837364
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!