× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489
File name: nginx
Detection ratio: 0 / 55
Analysis date: 2014-09-25 08:35:18 UTC ( 2 years, 10 months ago ) View latest
Antivirus Result Update
Ad-Aware 20140925
AegisLab 20140925
Yandex 20140924
AhnLab-V3 20140924
Antiy-AVL 20140925
Avast 20140925
AVG 20140925
Avira (no cloud) 20140925
AVware 20140925
Baidu-International 20140925
BitDefender 20140925
Bkav 20140923
ByteHero 20140925
CAT-QuickHeal 20140925
ClamAV 20140925
CMC 20140924
Comodo 20140925
Cyren 20140925
DrWeb 20140925
Emsisoft 20140925
ESET-NOD32 20140925
F-Prot 20140925
F-Secure 20140925
Fortinet 20140925
GData 20140925
Ikarus 20140925
Jiangmin 20140924
K7AntiVirus 20140924
K7GW 20140924
Kaspersky 20140925
Kingsoft 20140925
Malwarebytes 20140925
McAfee 20140925
McAfee-GW-Edition 20140924
Microsoft 20140925
eScan 20140925
NANO-Antivirus 20140925
Norman 20140925
nProtect 20140924
Panda 20140924
Qihoo-360 20140925
Rising 20140924
Sophos AV 20140925
SUPERAntiSpyware 20140925
Symantec 20140925
Tencent 20140925
TheHacker 20140924
TotalDefense 20140924
TrendMicro 20140925
TrendMicro-HouseCall 20140925
VBA32 20140924
VIPRE 20140925
ViRobot 20140925
Zillya 20140925
Zoner 20140919
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 25
ELF sections
ELF Segments
.note.ABI-tag
.rel.plt
.init
.plt
.text
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 5924bcc045bb7039f55c6ce29234e29a
SHA1 0229e6fa359bce01954651df2cdbddcdf3e24776
SHA256 73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489
ssdeep
12288:79+DzT70zz3jj6Ml2xDsKO9qjCm7pQ2DP89HScvhQe/Q0FNc:7kXT70zztc15Dem7pQ2cSMhP

File size 525.8 KB ( 538444 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.18, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
cve-2014-6271 exploit elf

VirusTotal metadata
First submission 2014-09-25 03:35:39 UTC ( 2 years, 10 months ago )
Last submission 2017-02-25 01:03:19 UTC ( 5 months ago )
File names http _162.253.66.76_nginx
00000000 MD5 5924bcc045bb7039f55c6ce29234e29a.lst
ss (2)
nginx.1
file
5924bcc045bb7039f55c6ce29234e29a.exe
73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489
5924bcc045bb7039f55c6ce29234e29a
danger
nginx.bin
linux.exploit
73B0D95541C84965FA42C3E257BB349957B3BE626DEC9D55EFCC6EBCBA6FA489.dat
vti-rescan
nginx
nginx
nginx
VirusShare_5924bcc045bb7039f55c6ce29234e29a
ShellShock
73b0d95541c84965fa42c3e257bb349957b3be626dec9d55efcc6ebcba6fa489.elf
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!