× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 35fabc7ccfa3a97128c27872258a20d314cfd210a2e4cc37fe2f939312f4383e
File name: i586
Detection ratio: 7 / 56
Analysis date: 2016-04-08 17:29:59 UTC ( 3 years ago ) View latest
Antivirus Result Update
Avast ELF:Gafgyt-AG [Trj] 20160408
AVG Linux/Fgt 20160408
DrWeb Linux.BackDoor.Fgt.46 20160408
ESET-NOD32 a variant of Linux/Gafgyt.N 20160408
Fortinet ELF/Gafgyt.I386!tr 20160404
Ikarus Trojan.Linux.Gafgyt 20160408
Kaspersky HEUR:Backdoor.Linux.Gafgyt.d 20160408
Ad-Aware 20160408
AegisLab 20160408
AhnLab-V3 20160408
Alibaba 20160408
ALYac 20160408
Antiy-AVL 20160408
Arcabit 20160408
Avira (no cloud) 20160408
AVware 20160408
Baidu 20160408
Baidu-International 20160408
BitDefender 20160408
Bkav 20160408
CAT-QuickHeal 20160407
ClamAV 20160408
CMC 20160408
Comodo 20160408
Cyren 20160408
Emsisoft 20160408
F-Prot 20160408
F-Secure 20160408
GData 20160408
Jiangmin 20160408
K7AntiVirus 20160408
K7GW 20160404
Kingsoft 20160408
Malwarebytes 20160408
McAfee 20160408
McAfee-GW-Edition 20160408
Microsoft 20160408
eScan 20160408
NANO-Antivirus 20160408
nProtect 20160408
Panda 20160408
Qihoo-360 20160408
Rising 20160408
Sophos AV 20160408
SUPERAntiSpyware 20160408
Symantec 20160408
Tencent 20160408
TheHacker 20160408
TrendMicro 20160408
TrendMicro-HouseCall 20160408
VBA32 20160408
VIPRE 20160408
ViRobot 20160408
Yandex 20160406
Zillya 20160408
Zoner 20160408
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 14
ELF sections
ELF Segments
.init
.text
.fini
.rodata
.eh_frame
.ctors
.dtors
.jcr
.got.plt
.data
.bss
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 b4e9af8e5fd11c94b68b7d13a75945af
SHA1 c538ac6a2ad4dbf964581ae5693e342d2a25d5e8
SHA256 35fabc7ccfa3a97128c27872258a20d314cfd210a2e4cc37fe2f939312f4383e
ssdeep
768:FqvO5ffOTxYaRE5e99vCjqHhcFUiORh3CNtn3/PA6j:IO5ffYYaRSI9vCjqHheHch3Cj3/P9j

File size 36.6 KB ( 37512 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2016-04-08 17:29:59 UTC ( 3 years ago )
Last submission 2016-04-08 17:29:59 UTC ( 3 years ago )
File names i586
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!