× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 701ea25c01212e6f21ffbf5e60214a441558825ec9b86159e19b1f9576962e86
File name: tmp.everys
Detection ratio: 4 / 53
Analysis date: 2014-05-27 22:09:12 UTC ( 4 years, 9 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-J [Trj] 20140527
DrWeb Linux.BackDoor.Gates.5 20140527
Qihoo-360 Trojan.Generic 20140527
TrendMicro-HouseCall TROJ_GEN.F47V0524 20140527
Ad-Aware 20140527
AegisLab 20140527
Yandex 20140527
AhnLab-V3 20140527
AntiVir 20140527
Antiy-AVL 20140527
AVG 20140527
Baidu-International 20140527
BitDefender 20140527
Bkav 20140527
ByteHero 20140527
CAT-QuickHeal 20140527
ClamAV 20140527
CMC 20140526
Commtouch 20140527
Comodo 20140527
Emsisoft 20140527
ESET-NOD32 20140527
F-Prot 20140527
F-Secure 20140527
Fortinet 20140527
GData 20140527
Ikarus 20140527
Jiangmin 20140527
K7AntiVirus 20140527
K7GW 20140527
Kaspersky 20140527
Kingsoft 20140527
Malwarebytes 20140527
McAfee 20140527
McAfee-GW-Edition 20140527
Microsoft 20140527
eScan 20140527
NANO-Antivirus 20140527
Norman 20140527
nProtect 20140527
Panda 20140527
Rising 20140527
Sophos AV 20140527
SUPERAntiSpyware 20140527
Symantec 20140527
Tencent 20140527
TheHacker 20140527
TotalDefense 20140527
TrendMicro 20140527
VBA32 20140527
VIPRE 20140527
ViRobot 20140527
Zillya 20140527
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 d88130001e1dee6d19ce2c2feaf6c27a
SHA1 f905dc8313ab0b57aba12f5689c0d1856763627a
SHA256 701ea25c01212e6f21ffbf5e60214a441558825ec9b86159e19b1f9576962e86
ssdeep
24576:u9vkSVDRCnBmDSBCCdMHnFGgqOuyfEylZvYiqLNor3XOYGvEyUcB66i:YvkMRwYDSBCwwqTyfEy3vwKrH/GvEyaj

File size 1.3 MB ( 1344645 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2014-05-24 01:41:07 UTC ( 4 years, 10 months ago )
Last submission 2016-06-03 12:35:50 UTC ( 2 years, 9 months ago )
File names Gates
f905dc8313ab0b57aba12f5689c0d1856763627a_bash_temp.passwd
tmp.everys
bash_temp.passwd
vti-rescan
bash_tmp.passwd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!