SHA256: 2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9
File name: 119
Detection ratio: 39 / 59
Analysis date: 2019-01-07 23:04:00 UTC ( 1 month, 2 weeks ago )
Antivirus Result Update
Ad-Aware Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
AhnLab-V3 Linux/Xorddos.625867 20190107
ALYac Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
Antiy-AVL Trojan[DDoS]/Linux.Xarcen.a 20190107
Avast ELF:Xorddos-E [Trj] 20190107
Avast-Mobile ELF:Xorddos-I [Trj] 20190107
AVG ELF:Xorddos-E [Trj] 20190107
Avira (no cloud) LINUX/Xorddos.cona 20190107
BitDefender Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
CAT-QuickHeal TrojanXor.Linux.DDos.A 20190107
ClamAV Unix.Trojan.DDoS_XOR-1 20190107
Comodo Malware@#13tm1ukrdwdg0 20190107
Cyren ELF/Trojan.GLXP-8 20190107
DrWeb Linux.DDoS.Xor.4 20190107
Emsisoft Gen:Variant.Trojan.Linux.XorDDoS.2 (B) 20190107
ESET-NOD32 a variant of Linux/Xorddos.C 20190107
F-Secure Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
Fortinet ELF/DDoS.BH!tr 20190107
GData Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
Ikarus Trojan.Linux.DDoS 20190107
Jiangmin TrojanDDoS.Linux.ff 20190107
Kaspersky HEUR:Trojan-DDoS.Linux.Xarcen.a 20190107
MAX malware (ai score=100) 20190108
McAfee Linux/DDoS-Xor.A 20190107
McAfee-GW-Edition Linux/DDoS-Xor.A 20190107
Microsoft DoS:Linux/Xorddos!rfn 20190107
eScan Gen:Variant.Trojan.Linux.XorDDoS.2 20190107
NANO-Antivirus Trojan.Elf32.Xarcen.eftmox 20190107
Panda ELF/XorDDos.A 20190107
Qihoo-360 Win32/Trojan.DDoS.bbc 20190108
Rising Trojan.DDoS-Xor/Linux!1.A3E4 (CLASSIC) 20190107
SentinelOne (Static ML) static engine - malicious 20181223
Sophos AV Linux/DDoS-BH 20190107
Symantec Linux.Xorddos 20190107
Tencent Trojan.Linux.XorDdos.a 20190108
TrendMicro ELF_XORDDOS.SM 20190107
TrendMicro-HouseCall ELF_XORDDOS.SM 20190107
Zillya Trojan.Xorddos.Linux.34 20190105
ZoneAlarm by Check Point HEUR:Trojan-DDoS.Linux.Xarcen.a 20190107
Acronis 20181227
AegisLab 20190107
Alibaba 20180921
Arcabit 20190107
Babable 20180918
Baidu 20190107
Bkav 20190107
CMC 20190107
CrowdStrike Falcon (ML) 20181022
Cybereason 20180225
Cylance 20190108
eGambit 20190108
Endgame 20181108
F-Prot 20190107
Sophos ML 20181128
K7AntiVirus 20190107
K7GW 20190107
Kingsoft 20190108
Malwarebytes 20190107
Palo Alto Networks (Known Signatures) 20190108
SUPERAntiSpyware 20190102
TACHYON 20190107
TheHacker 20190106
TotalDefense 20190107
Trapmine 20190103
Trustlook 20190108
VBA32 20190104
VIPRE 20190107
ViRobot 20190107
Webroot 20190108
Yandex 20181229
Zoner 20190107
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 3291432c0084225333ee57320404e655
SHA1 96a637393566a51222a87f3588b01e021faac651
SHA256 2409fb21fe377f7e12dda392f26d7c93b7715239169d362dd907fe499ab38ee9
ssdeep 12288:FBXOvdwV1/n/dQFhWlH/c1dHo4h9L+zNZrr/T6yF8EEP4UlUuTh1AG:FBXmkN/+Fhu/Qo4h9L+zNN/BVEBl/91h
File size 611.2 KB ( 625867 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf
VirusTotal metadata
First submission 2017-01-17 15:42:40 UTC ( 2 years, 1 month ago )
Last submission 2019-02-19 23:30:33 UTC ( 4 days, 2 hours ago )
File names 242
186
58
aa
46
output.107450717.txt
361
56
50
output.110344980.txt
output.107632111.txt
98
20170402063748_http___185_191_229_167_s443ls
241
tmpPLLt4F
228
tmp1ckwNd
317
101
96
97
135
3291432c0084225333ee57320404e655
3291432c0084225333ee57320404e655
131