SHA256: 753dc7cd036bdbac772a90fb3478b3ccf22bec70ee4bd2f55dec2041e9482017
File name: Hanthie (3)
Detection ratio: 31 / 57
Analysis date: 2015-01-15 02:15:58 UTC ( 6 months, 3 weeks ago )
Antivirus Result Update
ALYac Linux.CornelGEN.1289 20150115
AVG Generic9_c.ADEY 20150114
AVware Trojan.ELF.HandofThief.a (v) 20150115
Ad-Aware Linux.CornelGEN.1289 20150115
Antiy-AVL Trojan[Backdoor]/Linux.Hanthie 20150114
Avast ELF:Hanthie-C [Trj] 20150115
Avira UNIX/Hanthie.C 20150115
BitDefender Linux.CornelGEN.1289 20150115
CAT-QuickHeal Linux.Hanthie.A26 20150114
ClamAV Unix.Trojan.Hanthie 20150115
Comodo UnclassifiedMalware 20150114
DrWeb Linux.Hanthie.1 20150115
ESET-NOD32 Linux/Hanthie.B 20150115
Emsisoft Backdoor.Linux.Hanthie (A) 20150115
F-Secure Linux.CornelGEN.1289 20150114
GData Linux.CornelGEN.1289 20150115
Ikarus Backdoor.Linux.Hanthie 20150115
Jiangmin Backdoor/Linux.jb 20150114
K7AntiVirus Trojan ( 0001140e1 ) 20150114
K7GW Trojan ( 0001140e1 ) 20150114
Kaspersky Backdoor.Linux.Hanthie.d 20150115
MicroWorld-eScan Linux.CornelGEN.1289 20150115
Microsoft Trojan:Linux/Hanthie.A 20150114
Qihoo-360 Trojan.Generic 20150115
Symantec Linux.Handofthief 20150115
Tencent Linux.Backdoor.Hanthie.Anpq 20150115
TrendMicro UNIX_HANTHIE.B 20150115
TrendMicro-HouseCall UNIX_HANTHIE.B 20150115
VBA32 Backdoor.Linux.Hanthie.a 20150113
VIPRE Trojan.ELF.HandofThief.a (v) 20150115
nProtect Linux.CornelGEN.1289 20150115
AegisLab 20150115
Agnitum 20150114
AhnLab-V3 20150114
Alibaba 20150115
Baidu-International 20150114
Bkav 20150114
ByteHero 20150115
CMC 20150113
Cyren 20150115
F-Prot 20150115
Fortinet 20150115
Kingsoft 20150115
Malwarebytes 20150115
McAfee 20150115
McAfee-GW-Edition 20150115
NANO-Antivirus 20150115
Norman 20150114
Panda 20150114
Rising 20150114
SUPERAntiSpyware 20150115
Sophos 20150115
TheHacker 20150112
TotalDefense 20150114
ViRobot 20150115
Zillya 20150114
Zoner 20150114
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 2
Section headers 0
Packers identified
upx
ELF Segments
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
FileAccessDate 2015:01:15 03:16:11+01:00
ObjectFileType Executable file
CPUType i386
FileCreateDate 2015:01:15 03:16:11+01:00

Compressed bundles
File identification
MD5 ee8a4455e3037dc84d21950dce79ef2c
SHA1 21009138e9c88e7c11775397f49c7bdc1eedd825
SHA256 753dc7cd036bdbac772a90fb3478b3ccf22bec70ee4bd2f55dec2041e9482017
ssdeep 384:M6SbpYCCWqjqYILVFGAMU1WVr7ya3zsNeHwqw4l5ztoR9jtb0r7:Ibp/CPj+L7GAN1Ob3zieHq4lm9Zb0r7

File size 24.3 KB ( 24848 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf upx

VirusTotal metadata
First submission 2013-08-16 11:26:05 UTC ( 1 year, 11 months ago )
Last submission 2015-01-15 02:15:58 UTC ( 6 months, 3 weeks ago )
File names 21009138e9c88e7c11775397f49c7bdc1eedd825
7.txt
753dc7cd036bdbac772a90fb3478b3ccf22bec70ee4bd2f55dec2041e9482017
Hanthie (3)