SHA256: 6dd946e821df59705dcfeb79fab810336d0ee497fd715fb5b6711e05c0428f4d
File name: VirusShare_18442c18d407ba32fdfa2bbf0c86565f
Detection ratio: 29 / 58
Analysis date: 2017-07-19 21:20:56 UTC ( 1 month ago )
Antivirus Result Update
Ad-Aware Trojan.DDoS.RFO 20170719
AegisLab Troj.Ddos.Rfo!c 20170719
AhnLab-V3 Linux/Flooder.11128 20170719
ALYac Backdoor.Linux.Ganiw 20170719
Arcabit Trojan.DDoS.RFO 20170719
Avast ELF:Flooder-CA [Cryp] 20170719
AVG ELF:Flooder-CA [Cryp] 20170719
BitDefender Trojan.DDoS.RFO 20170719
CAT-QuickHeal Linux.DnsAmp.a 583 20170719
Comodo UnclassifiedMalware 20170719
DrWeb Linux.DDoS.53 20170719
Emsisoft Trojan.DDoS.RFO (B) 20170719
ESET-NOD32 Linux/Flooder.A 20170719
F-Secure Trojan.DDoS.RFO 20170719
GData Trojan.DDoS.RFO 20170719
Ikarus Trojan.DDoS 20170719
Jiangmin TrojanDDoS.Linux.gh 20170719
K7AntiVirus Trojan ( 0001140e1 ) 20170719
K7GW Trojan ( 0001140e1 ) 20170719
Kaspersky HEUR:Trojan-DDoS.Linux.Agent.k 20170719
MAX malware (ai score=83) 20170719
McAfee Linux/Generic.d 20170719
McAfee-GW-Edition Linux/Generic.d 20170719
eScan Trojan.DDoS.RFO 20170719
NANO-Antivirus Trojan.Agent.ebdane 20170719
Sophos AV Linux/Dldr-IG 20170719
Symantec SecurityRisk.gen1 20170719
TotalDefense Tnega.XAVH!suspicious 20170719
ZoneAlarm by Check Point HEUR:Trojan-DDoS.Linux.Agent.k 20170719
Alibaba 20170719
Antiy-AVL 20170719
Avira (no cloud) 20170719
AVware 20170719
Baidu 20170719
Bkav 20170719
ClamAV 20170719
CMC 20170719
CrowdStrike Falcon (ML) 20170710
Cylance 20170719
Cyren 20170719
Endgame 20170713
F-Prot 20170719
Fortinet 20170719
Sophos ML 20170607
Kingsoft 20170719
Malwarebytes 20170719
Microsoft 20170719
nProtect 20170719
Palo Alto Networks (Known Signatures) 20170719
Panda 20170719
Qihoo-360 20170719
Rising 20170719
SentinelOne (Static ML) 20170718
SUPERAntiSpyware 20170719
Symantec Mobile Insight 20170719
Tencent 20170719
TheHacker 20170719
TrendMicro 20170719
TrendMicro-HouseCall 20170719
Trustlook 20170719
VBA32 20170719
VIPRE 20170719
ViRobot 20170719
Webroot 20170719
WhiteArmor 20170713
Yandex 20170719
Zillya 20170719
Zoner 20170719
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 64 bit
FileType ELF executable
ObjectFileType Executable file
CPUType AMD x86-64
Compressed bundles
File identification
MD5 18442c18d407ba32fdfa2bbf0c86565f
SHA1 20f8c0498c9d01638bc8a2f9af5c845d02bc1bbe
SHA256 6dd946e821df59705dcfeb79fab810336d0ee497fd715fb5b6711e05c0428f4d
ssdeep 192:VCDSJM3naVJ6Yiywmbbj6IqURwXD0vLc5txQFdE9r4VchgzBUi0d:4Dr3k6jy5aIqURwXAsYFVVcezKiG

File size 10.9 KB ( 11128 bytes )
File type ELF
Magic literal ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
64bits elf upx

VirusTotal metadata
First submission 2014-03-22 08:57:58 UTC ( 3 years, 5 months ago )
Last submission 2017-07-19 21:20:56 UTC ( 1 month ago )
File names 20f8c0498c9d01638bc8a2f9af5c845d02bc1bbe_DDos64
Dz0y3_.ocx
VirusShare_18442c18d407ba32fdfa2bbf0c86565f
vti-rescan
DDos64
18442c18d407ba32fdfa2bbf0c86565f
Bjhnsg.tgz