SHA256: 2b227c6bc9195350e683e1608959fc179a4efd9eb486f6ad65b2fa4e0552b55e
File name: dnler.ELF.DES.Downloader
Detection ratio: 0 / 56
Analysis date: 2015-06-25 17:57:18 UTC (2 years, 2 months ago)
Antivirus Result Update
Ad-Aware 20150625
AegisLab 20150625
Yandex 20150624
AhnLab-V3 20150625
Alibaba 20150625
ALYac 20150625
Antiy-AVL 20150625
Arcabit 20150625
Avast 20150625
AVG 20150625
Avira (no cloud) 20150625
AVware 20150625
Baidu-International 20150625
BitDefender 20150625
Bkav 20150625
ByteHero 20150625
CAT-QuickHeal 20150625
ClamAV 20150624
CMC 20150624
Comodo 20150625
Cyren 20150625
DrWeb 20150625
Emsisoft 20150625
ESET-NOD32 20150625
F-Prot 20150625
F-Secure 20150625
Fortinet 20150625
GData 20150625
Ikarus 20150625
Jiangmin 20150624
K7AntiVirus 20150625
K7GW 20150625
Kaspersky 20150625
Kingsoft 20150625
Malwarebytes 20150625
McAfee 20150625
McAfee-GW-Edition 20150625
Microsoft 20150625
eScan 20150625
NANO-Antivirus 20150625
nProtect 20150625
Panda 20150625
Qihoo-360 20150625
Rising 20150625
Sophos AV 20150625
SUPERAntiSpyware 20150625
Symantec 20150625
Tencent 20150625
TheHacker 20150625
TrendMicro 20150625
TrendMicro-HouseCall 20150625
VBA32 20150625
VIPRE 20150625
ViRobot 20150625
Zillya 20150625
Zoner 20150625
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 43
ELF sections
ELF Segments
.note.ABI-tag
.note.gnu.build-id
.rel.plt
.init
.plt
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.stapsdt.base
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
.note.gnu.build-id
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386

Compressed bundles
File identification
MD5 982dd916fe4111f01233f8c928293383
SHA1 d083fb3e8bfec8dce0e91c1f193a7dc2cd01f837
SHA256 2b227c6bc9195350e683e1608959fc179a4efd9eb486f6ad65b2fa4e0552b55e
ssdeep 24576:3qJQh1dh4Oihr/vFhxrwyTKOErGEeA4IBmxY9:6JQh1dh4OiR3fx7TKO5Ir9

File size 787.4 KB ( 806314 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.18, from 'p) 4@%edi 4@$0', not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags exploit elf cve-2015-1427

VirusTotal metadata
First submission 2015-06-24 09:22:24 UTC (2 years, 2 months ago)
Last submission 2015-09-15 10:42:56 UTC (2 years ago)
File names 982DD916FE4111F01233F8C928293383
d083fb3e8bfec8dce0e91c1f193a7dc2cd01f837_dnler
dnler
2b227c6bc9195350e683e1608959fc179a4efd9eb486f6ad65b2fa4e0552b55e.bin
dnler.ELF.DES.Downloader
2b227c6bc9195350e683e1608959fc179a4efd9eb486f6ad65b2fa4e0552b55e.log