× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 2764c515861c010c04d697f2d49079d3be78749b85a39e500a586c6b99db78e8
File name: DDosStarter
Detection ratio: 0 / 57
Analysis date: 2015-01-17 10:30:42 UTC ( 3 years, 1 month ago ) View latest
Antivirus Result Update
Ad-Aware 20150117
AegisLab 20150117
Yandex 20150116
AhnLab-V3 20150116
Alibaba 20150116
ALYac 20150117
Antiy-AVL 20150117
Avast 20150117
AVG 20150117
Avira (no cloud) 20150117
AVware 20150117
Baidu-International 20150117
BitDefender 20150117
Bkav 20150117
ByteHero 20150117
CAT-QuickHeal 20150117
ClamAV 20150117
CMC 20150116
Comodo 20150117
Cyren 20150117
DrWeb 20150117
Emsisoft 20150117
ESET-NOD32 20150117
F-Prot 20150117
F-Secure 20150117
Fortinet 20150117
GData 20150117
Ikarus 20150117
Jiangmin 20150116
K7AntiVirus 20150117
K7GW 20150116
Kaspersky 20150117
Kingsoft 20150117
Malwarebytes 20150117
McAfee 20150117
McAfee-GW-Edition 20150117
Microsoft 20150117
eScan 20150117
NANO-Antivirus 20150117
Norman 20150117
nProtect 20150116
Panda 20150116
Qihoo-360 20150117
Rising 20150116
Sophos AV 20150117
SUPERAntiSpyware 20150117
Symantec 20150117
Tencent 20150117
TheHacker 20150116
TotalDefense 20150116
TrendMicro 20150117
TrendMicro-HouseCall 20150117
VBA32 20150116
VIPRE 20150117
ViRobot 20150117
Zillya 20150116
Zoner 20150116
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 8
Section headers 30
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rel.dyn
.rel.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.ctors
.dtors
.jcr
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

FileAccessDate
2015:01:22 07:16:15+01:00

ObjectFileType
Executable file

CPUType
i386

FileCreateDate
2015:01:22 07:16:15+01:00

Compressed bundles
File identification
MD5 3909978a80c3451789f9a8f06f4caf84
SHA1 be4e0dc70f76ab8d6d62359e26d389c9a827faf2
SHA256 2764c515861c010c04d697f2d49079d3be78749b85a39e500a586c6b99db78e8
ssdeep
96:fxnphM+9zB3fS6cGnv9eufKLlqS5JT3X4r9HrRLemhiGrnAW0pBS5olcPOgueGUM:fXC+9BaEeufEJrqN1irIP3uVz

File size 8.4 KB ( 8649 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2015-01-17 10:30:42 UTC ( 3 years, 1 month ago )
Last submission 2015-01-22 06:16:00 UTC ( 3 years, 1 month ago )
File names vti-rescan
DDosStarter
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!