× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232
File name: stdin.pnscan,ELF.x32.mmd
Detection ratio: 24 / 54
Analysis date: 2016-08-23 15:43:30 UTC ( 7 months ago ) View latest
Antivirus Result Update
Ad-Aware Trojan.Linux.PNScan.A 20160823
AegisLab Troj.Linux.Agent!c 20160823
AhnLab-V3 Linux/Pnscan.1034309 20160823
ALYac Trojan.Linux.PNScan.A 20160823
Arcabit Trojan.Linux.PNScan.A 20160823
Avast ELF:PNScan-Q [Cryp] 20160823
AVG Linux/BackDoor_c.FQ 20160823
Avira (no cloud) LINUX/PNScan.6.2 20160823
BitDefender Trojan.Linux.PNScan.A 20160823
ClamAV Unix.Malware.Agent-1393532 20160823
DrWeb Linux.PNScan.5 20160823
Emsisoft Trojan.Linux.PNScan.A (B) 20160823
ESET-NOD32 a variant of Linux/PNScan.A 20160823
F-Secure Trojan.Linux.PNScan.A 20160823
GData Trojan.Linux.PNScan.A 20160823
Ikarus Trojan.Linux.Agent 20160823
Jiangmin Backdoor/Linux.u 20160823
Kaspersky HEUR:Backdoor.Linux.Agent.ad 20160823
eScan Trojan.Linux.PNScan.A 20160823
NANO-Antivirus Trojan.Unix.Agent.ebdnka 20160823
Qihoo-360 Win32/Trojan.49b 20160823
Sophos Mal/Generic-S 20160823
Tencent Linux.Backdoor.Agent.Wtny 20160823
Zillya Trojan.PNScan.Linux.2 20160820
Alibaba 20160823
Antiy-AVL 20160823
AVware 20160823
Baidu 20160823
Bkav 20160823
CAT-QuickHeal 20160823
CMC 20160822
Comodo 20160823
Cyren 20160823
F-Prot 20160823
Fortinet 20160823
K7AntiVirus 20160823
K7GW 20160823
Kingsoft 20160823
Malwarebytes 20160823
McAfee 20160823
McAfee-GW-Edition 20160823
Microsoft 20160823
nProtect 20160823
Panda 20160823
Rising 20160823
Symantec 20160823
TheHacker 20160821
TrendMicro 20160823
TrendMicro-HouseCall 20160823
VBA32 20160823
VIPRE 20160823
ViRobot 20160823
Yandex 20160823
Zoner 20160823
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 6fb6f95546d5bdf4db11655249ee5288
SHA1 2d3e2ce680de6c13ab3236429efd4bca3bfaa79d
SHA256 5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232
ssdeep
24576:Sqa18r8TpbPiToI6Rbzjvme0IdUMcbtppdnrt4xup34armEe:Swr8TMToI6RsR7aEItl

File size 1010.1 KB ( 1034309 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf upx via-tor

VirusTotal metadata
First submission 2016-01-27 05:26:45 UTC ( 1 year, 1 month ago )
Last submission 2017-03-08 23:37:36 UTC ( 2 weeks ago )
File names 20170211-200354-0b0fc3f4-1-stdin.log
stdin
20160530-104245-a8774e90-1-stdin.log
stdin.pnscan,ELF.x32.mmd
daemon.i686.mod
5685b086ce12ffede8814e303223a67eca476735dfe4e9e84b751354a5ea0232
20161206-151651-a8f96c35-1-stdin.log
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!