× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 393ac47184475af099eafce91d7472ea5af1d74636a992cc08bf40872d22fa4a
File name: exp24
Detection ratio: 3 / 51
Analysis date: 2014-09-11 16:27:47 UTC ( 4 years, 8 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-AS [Trj] 20140911
Kaspersky Backdoor.Linux.Ganiw.a 20140911
Qihoo-360 virus.elf.rootkit.f 20140911
Ad-Aware 20140911
AegisLab 20140911
Yandex 20140911
AhnLab-V3 20140911
Antiy-AVL 20140911
AVG 20140911
Avira (no cloud) 20140911
AVware 20140911
Baidu-International 20140911
BitDefender 20140911
Bkav 20140911
ByteHero 20140911
CAT-QuickHeal 20140911
ClamAV 20140910
CMC 20140908
Comodo 20140911
Cyren 20140911
DrWeb 20140911
Emsisoft 20140911
ESET-NOD32 20140911
F-Prot 20140911
F-Secure 20140911
Fortinet 20140911
GData 20140911
Ikarus 20140911
Jiangmin 20140910
K7AntiVirus 20140911
K7GW 20140911
Kingsoft 20140911
Malwarebytes 20140911
McAfee 20140911
McAfee-GW-Edition 20140911
Microsoft 20140911
eScan 20140911
NANO-Antivirus 20140911
Norman 20140911
nProtect 20140911
Panda 20140911
Rising 20140911
Sophos AV 20140911
SUPERAntiSpyware 20140911
Symantec 20140911
Tencent 20140911
TheHacker 20140911
TotalDefense 20140911
TrendMicro 20140911
TrendMicro-HouseCall 20140911
VBA32 20140911
VIPRE 20140911
ViRobot 20140911
Zillya 20140910
Zoner 20140910
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 3
Section headers 31
ELF sections
ELF Segments
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.note.ABI-tag
.data
.ctors
.dtors
.jcr
.got
.bss
__libc_freeres_ptrs
.note.ABI-tag
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 b165fc62f6326b18308133acfd228b58
SHA1 da26fbdebf2350f1fab998943d45d8e5ae2dabe9
SHA256 393ac47184475af099eafce91d7472ea5af1d74636a992cc08bf40872d22fa4a
ssdeep
49152:2nilOolLbt1laIunbZsehk1S55555555555555555555555555555555555k55w1:yeOolLbt1laIunlseh9NtYi7COEm

File size 1.5 MB ( 1599477 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2014-09-11 16:27:47 UTC ( 4 years, 8 months ago )
Last submission 2017-02-25 02:21:08 UTC ( 2 years, 3 months ago )
File names VirusShare_b165fc62f6326b18308133acfd228b58
5bsYaWPeF.jpg
exp24
vti-rescan
da26fbdebf2350f1fab998943d45d8e5ae2dabe9_exp24
XvNCxjZBy.scr
b165fc62f6326b18308133acfd228b58
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!