× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7a95839cf6f72e2d2b2ef13079cf86527dcf3455aaa13b7f4e06785a950eed0c
File name: 1122.64.ELF.IptableX.DDoS
Detection ratio: 21 / 54
Analysis date: 2015-07-01 05:08:34 UTC ( 3 years, 7 months ago ) View latest
Antivirus Result Update
Ad-Aware Backdoor.Linux.Ganiw.F 20150701
AhnLab-V3 Linux/Flooder.727556 20150630
ALYac Backdoor.Linux.Ganiw.F 20150630
Arcabit Backdoor.Linux.Ganiw.F 20150630
Avast ELF:Sotdas-A [Trj] 20150701
AVG BackDoor.Delf 20150701
BitDefender Backdoor.Linux.Ganiw.F 20150701
ClamAV Linux.Trojan.IptabLex 20150701
DrWeb Linux.Myk.6 20150701
ESET-NOD32 a variant of Linux/Agent.AE 20150630
F-Secure Backdoor.Linux.Ganiw.F 20150701
Fortinet PossibleThreat.P0 20150701
GData Backdoor.Linux.Ganiw.F 20150701
Ikarus Trojan.Linux.Agent 20150701
Jiangmin TrojanDDoS.Linux.ay 20150630
Kaspersky HEUR:Trojan-DDoS.Linux.Sotdas.a 20150701
eScan Backdoor.Linux.Ganiw.F 20150701
nProtect Backdoor.Linux.Ganiw.F 20150630
Qihoo-360 Trojan.Generic 20150701
Sophos AV Linux/Flood-JC 20150701
Zillya Downloader.OpenConnection.JS.115763 20150630
AegisLab 20150701
Yandex 20150630
Alibaba 20150630
Antiy-AVL 20150701
Avira (no cloud) 20150630
AVware 20150701
Baidu-International 20150630
Bkav 20150630
ByteHero 20150701
CAT-QuickHeal 20150630
Comodo 20150701
Cyren 20150701
F-Prot 20150701
K7AntiVirus 20150630
K7GW 20150701
Kingsoft 20150701
Malwarebytes 20150701
McAfee 20150701
McAfee-GW-Edition 20150630
Microsoft 20150701
NANO-Antivirus 20150630
Panda 20150630
Rising 20150630
SUPERAntiSpyware 20150701
Symantec 20150701
Tencent 20150701
TheHacker 20150701
TrendMicro 20150701
TrendMicro-HouseCall 20150701
VBA32 20150630
VIPRE 20150701
ViRobot 20150701
Zoner 20150701
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

Compressed bundles
File identification
MD5 8d18ddc23603726181ebb77931aa11f3
SHA1 3a92802eb776cabb6c6f46b8b22c13e9f768ce0a
SHA256 7a95839cf6f72e2d2b2ef13079cf86527dcf3455aaa13b7f4e06785a950eed0c
ssdeep
12288:ZIlddxPHCo90S9LTXIXs5im4MkQbSJDFdx4Is//O1ScnBM:ZI/dLTXIXw4jQb+Fffs//gScS

File size 710.5 KB ( 727556 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
64bits elf

VirusTotal metadata
First submission 2015-06-27 00:55:26 UTC ( 3 years, 7 months ago )
Last submission 2018-10-09 17:32:46 UTC ( 4 months, 1 week ago )
File names 8D18DDC23603726181EBB77931AA11F3
1122.64.ELF.IptabLesX.mmd
7a95839cf6f72e2d2b2ef13079cf86527dcf3455aaa13b7f4e06785a950eed0c.log
1122.64
1122.64.ELF.IptableX.DDoS
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!