SHA256: 6dd946e821df59705dcfeb79fab810336d0ee497fd715fb5b6711e05c0428f4d
File name: 20f8c0498c9d01638bc8a2f9af5c845d02bc1bbe_DDos64
Detection ratio: 28 / 55
Analysis date: 2016-11-17 06:04:07 UTC ( 7 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.DDoS.RFO 20161117
AegisLab Troj.Ddos.Rfo!c 20161117
AhnLab-V3 Linux/Flooder.11128 20161116
ALYac Backdoor.Linux.Ganiw 20161117
Arcabit Trojan.DDoS.RFO 20161117
Avast ELF:Flooder-CA [Cryp] 20161117
AVG Linux/Flooder2.AM 20161117
BitDefender Trojan.DDoS.RFO 20161117
CAT-QuickHeal Linux.DnsAmp.a 583 20161117
Comodo UnclassifiedMalware 20161117
DrWeb Linux.DDoS.53 20161117
Emsisoft Trojan.DDoS.RFO (B) 20161117
ESET-NOD32 Linux/Flooder.A 20161117
F-Secure Trojan.DDoS.RFO 20161117
GData Trojan.DDoS.RFO 20161117
Ikarus Trojan.DDoS 20161116
Jiangmin TrojanDDoS.Linux.gh 20161116
K7AntiVirus Trojan ( 0001140e1 ) 20161116
K7GW Trojan ( 0001140e1 ) 20161117
Kaspersky HEUR:Trojan-DDoS.Linux.Agent.k 20161117
McAfee Linux/Generic.d 20161117
McAfee-GW-Edition Linux/Generic.d 20161116
eScan Trojan.DDoS.RFO 20161117
NANO-Antivirus Trojan.Agent.ebdane 20161117
Rising Trojan.DDoS-MrBlack/Linux!1.A484 (classic) 20161117
Sophos Linux/Dldr-IG 20161117
TotalDefense Tnega.XAVH!suspicious 20161116
Zillya Downloader.OpenConnection.JS.119037 20161116
Alibaba 20161117
Antiy-AVL 20161117
Avira (no cloud) 20161116
AVware 20161117
Baidu 20161116
Bkav 20161116
ClamAV 20161117
CMC 20161116
CrowdStrike Falcon (ML) 20161024
Cyren 20161117
F-Prot 20161117
Fortinet 20161117
Invincea 20161018
Kingsoft 20161117
Malwarebytes 20161117
Microsoft 20161117
nProtect 20161117
Panda 20161115
Qihoo-360 20161117
SUPERAntiSpyware 20161117
Symantec 20161117
Tencent 20161117
TheHacker 20161115
TrendMicro 20161117
TrendMicro-HouseCall 20161117
VBA32 20161115
VIPRE 20161117
ViRobot 20161117
Yandex 20161116
Zoner 20161117
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 64 bit
FileType ELF executable
ObjectFileType Executable file
CPUType AMD x86-64

Compressed bundles
File identification
MD5 18442c18d407ba32fdfa2bbf0c86565f
SHA1 20f8c0498c9d01638bc8a2f9af5c845d02bc1bbe
SHA256 6dd946e821df59705dcfeb79fab810336d0ee497fd715fb5b6711e05c0428f4d
ssdeep 192:VCDSJM3naVJ6Yiywmbbj6IqURwXD0vLc5txQFdE9r4VchgzBUi0d:4Dr3k6jy5aIqURwXAsYFVVcezKiG
File size 10.9 KB ( 11128 bytes )
File type ELF
Magic literal ELF 64-bit LSB executable, x86-64, version 1 (GNU/Linux), statically linked, stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags 64bits elf upx

VirusTotal metadata
First submission 2014-03-22 08:57:58 UTC ( 3 years, 3 months ago )
Last submission 2016-02-08 01:42:45 UTC ( 1 year, 4 months ago )
File names 20f8c0498c9d01638bc8a2f9af5c845d02bc1bbe_DDos64
vti-rescan
18442c18d407ba32fdfa2bbf0c86565f
DDos64