× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 6be322cd81ebc60cfeeac2896b26ef015d975ad3dda95ae63c4c7a28b7809029
File name: elf_xorddos_rootkit_vermagic=3.13.0-32_cacraxszmn.dat
Detection ratio: 1 / 56
Analysis date: 2014-12-18 08:32:42 UTC ( 4 years, 4 months ago ) View latest
Antivirus Result Update
Avast ELF:Xorddos-D [Rtk] 20141218
Ad-Aware 20141218
AegisLab 20141218
Yandex 20141217
AhnLab-V3 20141218
ALYac 20141218
Antiy-AVL 20141218
AVG 20141218
Avira (no cloud) 20141218
AVware 20141218
Baidu-International 20141217
BitDefender 20141218
Bkav 20141217
ByteHero 20141218
CAT-QuickHeal 20141218
ClamAV 20141218
CMC 20141215
Comodo 20141218
Cyren 20141218
DrWeb 20141218
Emsisoft 20141218
ESET-NOD32 20141218
F-Prot 20141218
F-Secure 20150101
Fortinet 20141218
GData 20141218
Ikarus 20141218
Jiangmin 20141217
K7AntiVirus 20141217
K7GW 20141218
Kaspersky 20141218
Kingsoft 20141218
Malwarebytes 20141218
McAfee 20141218
McAfee-GW-Edition 20150101
Microsoft 20141218
eScan 20141218
NANO-Antivirus 20141218
Norman 20141218
nProtect 20141217
Panda 20141217
Qihoo-360 20150101
Rising 20141217
Sophos AV 20141218
SUPERAntiSpyware 20141218
Symantec 20141218
Tencent 20141218
TheHacker 20141217
TotalDefense 20141218
TrendMicro 20141218
TrendMicro-HouseCall 20141218
VBA32 20141217
VIPRE 20141218
ViRobot 20141218
Zillya 20141216
Zoner 20141216
The file being studied is an ELF! More specifically, it is a REL (Relocatable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type REL (Relocatable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 0
Section headers 27
ELF sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF object file

FileTypeExtension
o

ObjectFileType
Relocatable file

CPUType
i386

File identification
MD5 f7a18cfa2f11039ad1c23421f969ec64
SHA1 dc5faec4549698cb7ee6fb5ada85b885b8dfadfa
SHA256 6be322cd81ebc60cfeeac2896b26ef015d975ad3dda95ae63c4c7a28b7809029
ssdeep
384:4DDDWXpEf6f6f6f+pEf1x+xZBj8PwYRKzluIQ7pwnhfcfuYiJ:bXaf6f6f6f+af1x+xZBycuLYEf+

File size 15.4 KB ( 15787 bytes )
File type ELF
Magic literal
ELF 32-bit LSB relocatable, Intel 80386, version 1 (SYSV), not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf relocatable

VirusTotal metadata
First submission 2014-12-18 08:32:42 UTC ( 4 years, 4 months ago )
Last submission 2018-05-24 05:13:00 UTC ( 11 months ago )
File names elf_xorddos_rootkit_vermagic=3.13.0-32_cacraxszmn.dat
vti-rescan
6be322cd81ebc60cfeeac2896b26ef015d975ad3dda95ae63c4c7a28b7809029
f7a18cfa2f11039ad1c23421f969ec64
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!