SHA256: 50e3c0c9f6827aa3b6a8922e7b5d892fe69cb542af4d5c0f745f6ea92afe3f02
File name: VirusShare_f9ad37bc11a4f5249b660cacadd14ad3
Detection ratio: 32 / 60
Analysis date: 2018-06-06 10:43:18 UTC ( 4 months, 2 weeks ago )
Antivirus Result Update
Ad-Aware Linux.DDOS.Flood.C 20180606
AegisLab Backdoor.Linux.Ganiw!c 20180606
AhnLab-V3 Linux/Ddosagent.1295031 20180605
ALYac Backdoor.Linux.Mayday 20180606
Antiy-AVL Trojan[Backdoor]/Linux.Ganiw.a 20180606
Arcabit Linux.DDOS.Flood.C 20180606
Avast ELF:Elknot-AS [Trj] 20180606
AVG ELF:Elknot-AS [Trj] 20180606
BitDefender Linux.DDOS.Flood.C 20180606
CAT-QuickHeal Linux.Sfloost.b56c 20180606
ClamAV Unix.Trojan.Elknot-2 20180606
DrWeb Linux.BackDoor.Gates.5 20180606
Emsisoft Linux.DDOS.Flood.C (B) 20180606
ESET-NOD32 Linux/Setag.B 20180606
F-Secure Linux.DDOS.Flood.C 20180606
GData Linux.Trojan.Siggen.D 20180606
Ikarus Trojan.Linux.Agent 20180606
Jiangmin Backdoor/Linux.lc 20180606
Kaspersky HEUR:Backdoor.Linux.Ganiw.d 20180606
MAX malware (ai score=98) 20180606
McAfee Linux/Gates.a 20180606
McAfee-GW-Edition Linux/Gates.a 20180606
Microsoft Backdoor:Linux/Setag.gen!A 20180606
eScan Linux.DDOS.Flood.C 20180606
NANO-Antivirus Trojan.Elf32.Ganiw.dhppye 20180606
Qihoo-360 Win32/Trojan.b1e 20180606
Sophos AV Linux/DDoS-BD 20180606
Symantec Linux.Chikdos.B 20180606
Tencent backdoor.linux.ganiw.p 20180606
TrendMicro ELF_BIGATS.A 20180606
TrendMicro-HouseCall ELF_BIGATS.A 20180606
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Ganiw.d 20180606
Alibaba 20180606
Avast-Mobile 20180606
Avira (no cloud) 20180606
AVware 20180606
Babable 20180406
Baidu 20180606
Bkav 20180605
CMC 20180606
Comodo 20180606
CrowdStrike Falcon (ML) 20180530
Cybereason 20180225
Cylance 20180606
Cyren 20180606
eGambit 20180606
Endgame 20180507
F-Prot 20180606
Fortinet 20180606
Sophos ML 20180601
K7AntiVirus 20180606
K7GW 20180606
Kingsoft 20180606
Malwarebytes 20180606
Palo Alto Networks (Known Signatures) 20180606
Panda 20180605
Rising 20180606
SentinelOne (Static ML) 20180225
SUPERAntiSpyware 20180606
Symantec Mobile Insight 20180605
TACHYON 20180605
TheHacker 20180606
TotalDefense 20180606
Trustlook 20180606
VBA32 20180606
VIPRE 20180606
ViRobot 20180605
Webroot 20180606
Yandex 20180529
Zillya 20180605
Zoner 20180606
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386

File identification
MD5 f9ad37bc11a4f5249b660cacadd14ad3
SHA1 e41a40fdcd94718eef8a954ce67bd03ac5c70a00
SHA256 50e3c0c9f6827aa3b6a8922e7b5d892fe69cb542af4d5c0f745f6ea92afe3f02
ssdeep 24576:zqYa+C2B7RbLMW05aKGUmRFHNTZL8BlQpEw8NAhViEWcXUsrO4nr4:WX27N05aK9m3NTZL8BlmvjDit5sXr4

File size 1.2 MB ( 1295031 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags elf

VirusTotal metadata
First submission 2014-04-06 20:20:46 UTC ( 4 years, 6 months ago )
Last submission 2017-02-25 03:21:01 UTC ( 1 year, 7 months ago )
File names sfewfesfs.upx
sfewfesfs_1
meh.exe
pojie
malwe
codex-gigas_a62a96da12853445526628dc1c218cd7
50e3c0c9f6827aa3b6a8922e7b5d892fe69cb542af4d5c0f745f6ea92afe3f02
vti-rescan
e41a40fdcd94718eef8a954ce67bd03ac5c70a00_agent
file-6840750_
1474252542
VirusShare_f9ad37bc11a4f5249b660cacadd14ad3
cupsdd
gb_sfewfesfs
download.1398159388
sfewfesfs