× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 204071505d7955b1ad6fde0013b2d7c37cff17f0d91429e27253371dc5a12643
File name: Freebsd
Detection ratio: 3 / 55
Analysis date: 2014-09-19 03:48:00 UTC ( 4 years, 8 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-AS [Trj] 20140919
ClamAV Unix.Trojan.Elknot 20140918
Sophos AV Linux/DDoS-BD 20140919
Ad-Aware 20140919
AegisLab 20140919
Yandex 20140918
AhnLab-V3 20140918
Antiy-AVL 20140919
AVG 20140919
Avira (no cloud) 20140919
AVware 20140919
Baidu-International 20140918
BitDefender 20140919
Bkav 20140918
ByteHero 20140919
CAT-QuickHeal 20140918
CMC 20140918
Comodo 20140919
Cyren 20140919
DrWeb 20140919
Emsisoft 20140919
ESET-NOD32 20140919
F-Prot 20140918
F-Secure 20140919
Fortinet 20140919
GData 20140919
Ikarus 20140919
Jiangmin 20140918
K7AntiVirus 20140918
K7GW 20140918
Kaspersky 20140919
Kingsoft 20140919
Malwarebytes 20140918
McAfee 20140919
McAfee-GW-Edition 20140919
Microsoft 20140919
eScan 20140919
NANO-Antivirus 20140919
Norman 20140918
nProtect 20140918
Panda 20140918
Qihoo-360 20140919
Rising 20140918
SUPERAntiSpyware 20140919
Symantec 20140919
Tencent 20140919
TheHacker 20140917
TotalDefense 20140918
TrendMicro 20140919
TrendMicro-HouseCall 20140919
VBA32 20140918
VIPRE 20140919
ViRobot 20140919
Zillya 20140919
Zoner 20140916
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - FreeBSD
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 4
Section headers 19
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.note.ABI-tag
.data
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.got
.bss
.note.ABI-tag
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 dfe1881b20175414a07b1fa070d20073
SHA1 64519c271a6f545030fd571f99a564d3b1717427
SHA256 204071505d7955b1ad6fde0013b2d7c37cff17f0d91429e27253371dc5a12643
ssdeep
24576:XGg0EYkENQnqDmOuNXLQ+vpaReJ7UgKZ9Q0B06wyq8IssIxIu1rHnBFbNh1QsC2E:Wg0bkqQymRNXLQ+vpaI4ZddDIQrHB91M

File size 1.4 MB ( 1511420 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (FreeBSD), statically linked, for FreeBSD 8.4, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2014-09-19 03:48:00 UTC ( 4 years, 8 months ago )
Last submission 2018-10-09 14:19:41 UTC ( 7 months, 2 weeks ago )
File names Freebsd
dfe1881b20175414a07b1fa070d20073
Freebsd
64519c271a6f545030fd571f99a564d3b1717427_agent
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!