× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 735fa0b4fde54af92c2db2d8932614d7e19ea4a691163e5e08e501b8f42e54d8
File name: 8520
Detection ratio: 9 / 54
Analysis date: 2014-09-15 09:36:13 UTC ( 4 years, 6 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-AS [Trj] 20140915
Comodo UnclassifiedMalware 20140915
ESET-NOD32 Linux/Agent.I.Gen 20140915
GData Linux.Trojan.Agent.HJ7DQF 20140915
Ikarus Trojan.Linux.Agent 20140915
Kaspersky Backdoor.Linux.Ganiw.a 20140915
Qihoo-360 Trojan.Generic 20140915
Sophos AV Linux/DDoS-BD 20140915
Symantec Trojan.Chikdos.B!gen2 20140915
Ad-Aware 20140915
AegisLab 20140915
Yandex 20140914
AhnLab-V3 20140915
Antiy-AVL 20140915
AVG 20140915
Avira (no cloud) 20140915
AVware 20140915
Baidu-International 20140915
BitDefender 20140915
Bkav 20140913
ByteHero 20140915
CAT-QuickHeal 20140915
ClamAV 20140914
CMC 20140915
Cyren 20140915
DrWeb 20140915
Emsisoft 20140915
F-Prot 20140913
F-Secure 20140915
Fortinet 20140915
Jiangmin 20140914
K7AntiVirus 20140912
K7GW 20140912
Kingsoft 20140915
Malwarebytes 20140915
McAfee 20140915
McAfee-GW-Edition 20140915
Microsoft 20140915
eScan 20140915
NANO-Antivirus 20140915
Norman 20140914
nProtect 20140914
Panda 20140914
Rising 20140914
SUPERAntiSpyware 20140914
Tencent 20140915
TheHacker 20140913
TotalDefense 20140914
TrendMicro 20140915
VBA32 20140915
VIPRE 20140915
ViRobot 20140915
Zillya 20140915
Zoner 20140912
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

Compressed bundles
File identification
MD5 fc9ad72a50c7835e8f6147059b9a00f2
SHA1 f41ff238f06f22a12da62af2c32fdc200a1b0018
SHA256 735fa0b4fde54af92c2db2d8932614d7e19ea4a691163e5e08e501b8f42e54d8
ssdeep
24576:e845rlHu6gVJKG75oFpA0VWLX4G2y1q2rJp0:745wRVJKGtSA0VWLoVu9p0

File size 1.2 MB ( 1223123 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2014-09-07 15:47:18 UTC ( 4 years, 6 months ago )
Last submission 2018-10-09 12:14:53 UTC ( 5 months, 1 week ago )
File names fc9ad72a50c7835e8f6147059b9a00f2
8520
f41ff238f06f22a12da62af2c32fdc200a1b0018_8520
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!