× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 611f3978c8e1802a7ffc32857ae8e588127080898a1b77854620c5468b8afb0e
File name: DDosClientTemp64
Detection ratio: 6 / 55
Analysis date: 2015-07-01 09:44:39 UTC ( 3 years, 7 months ago )
Antivirus Result Update
Avast ELF:Chinaz-C [Trj] 20150701
DrWeb Linux.DDoS.73 20150701
ESET-NOD32 a variant of Linux/DDoS.Agent.AM 20150701
Kaspersky HEUR:Trojan-DDoS.Linux.Znaich.a 20150701
Microsoft DDoS:Linux/Zanich.B 20150701
Sophos AV Linux/DDoS-BO 20150701
Ad-Aware 20150701
AegisLab 20150701
Yandex 20150630
AhnLab-V3 20150630
Alibaba 20150630
ALYac 20150701
Antiy-AVL 20150701
Arcabit 20150630
AVG 20150701
Avira (no cloud) 20150701
AVware 20150701
Baidu-International 20150701
BitDefender 20150701
Bkav 20150630
ByteHero 20150701
CAT-QuickHeal 20150701
ClamAV 20150701
Comodo 20150701
Cyren 20150701
Emsisoft 20150701
F-Prot 20150701
F-Secure 20150701
Fortinet 20150701
GData 20150701
Ikarus 20150701
Jiangmin 20150630
K7AntiVirus 20150701
K7GW 20150701
Kingsoft 20150701
Malwarebytes 20150701
McAfee 20150701
McAfee-GW-Edition 20150630
eScan 20150701
NANO-Antivirus 20150630
nProtect 20150701
Panda 20150701
Qihoo-360 20150701
Rising 20150630
SUPERAntiSpyware 20150701
Symantec 20150701
Tencent 20150701
TheHacker 20150701
TrendMicro 20150701
TrendMicro-HouseCall 20150701
VBA32 20150701
VIPRE 20150701
ViRobot 20150701
Zillya 20150701
Zoner 20150701
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 6
Section headers 39
ELF sections
ELF Segments
.note.ABI-tag
.note.gnu.build-id
.rela.plt
.init
.plt
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.preinit_array
.init_array
.fini_array
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
.note.gnu.build-id
Segment without sections
Segment without sections
.preinit_array
.init_array
.fini_array
.jcr
.data.rel.ro
.got
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

File identification
MD5 2d819b130302708120c8d8e2e3532dbc
SHA1 9f7ce3ec8641582f3ffa3c861ae2c18b98bb028a
SHA256 611f3978c8e1802a7ffc32857ae8e588127080898a1b77854620c5468b8afb0e
ssdeep
24576:MNrcvb1CkA4OrausYdmvIPhnRSYW+FMpHTKnI7aNtkolnhI:ErcT1CJrauimnRScmHTYI4/4

File size 1.9 MB ( 1980219 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.24, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
64bits elf

VirusTotal metadata
First submission 2015-07-01 09:44:39 UTC ( 3 years, 7 months ago )
Last submission 2015-07-01 09:44:39 UTC ( 3 years, 7 months ago )
File names DDosClientTemp64
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!