× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7b3cd8c1bd0249df458084f28d91648ad14e1baf455fdd53b174481d540070c6
File name: 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429_oldhttpd
Detection ratio: 40 / 56
Analysis date: 2015-01-19 16:38:05 UTC ( 3 months ago )
Antivirus Result Update
ALYac Trojan.Rootkit.Linux.CDorked.A 20150119
AVG BackDoor.Generic_c.FFG 20150119
AVware Trojan.Linux.Cdorked.a (v) 20150119
Ad-Aware Linux.Cdorked.A 20150119
AhnLab-V3 Linux/Cdorked 20150119
Avast ELF:Cdorked-F [Trj] 20150119
Avira LINUX/Cdorked.A 20150119
BitDefender Linux.Cdorked.A 20150119
CAT-QuickHeal Backdoor.Linux.Cdorked.a 20150119
ClamAV Unix.Backdoor.Cdorked 20150119
Comodo UnclassifiedMalware 20150119
Cyren ELF/Cdorked.A 20150119
DrWeb Linux.Cdorked.1 20150119
ESET-NOD32 Linux/Cdorked.A 20150119
Emsisoft Linux.Cdorked.A (B) 20150119
F-Prot ELF/Cdorked.A 20150119
F-Secure Backdoor:Linux/Cdorked.A 20150119
Fortinet ELF/Cdorked.A!tr.bdr 20150119
GData Linux.Cdorked.A 20150119
Ikarus Trojan.ELF.Cdorked 20150119
Jiangmin Backdoor.Linux.Cdorked.a 20150118
K7AntiVirus Trojan ( 0001140e1 ) 20150119
Kaspersky Backdoor.Linux.Cdorked.a 20150119
McAfee Linux/BackDoor-Cdorked 20150119
McAfee-GW-Edition Linux/BackDoor-Cdorked 20150119
MicroWorld-eScan Linux.Cdorked.A 20150119
Microsoft Backdoor:Linux/Cdorked.A 20150119
Norman Cdorked.A 20150119
Panda Linux/Cdorked.A 20150119
Qihoo-360 Trojan.Generic 20150119
Sophos Linux/Cdorked-A 20150119
Symantec Linux.Cdorked 20150119
Tencent Linux.Backdoor.Cdorked.Dyqn 20150119
TrendMicro ELF_CDORKED.A 20150119
TrendMicro-HouseCall ELF_CDORKED.A 20150119
VBA32 Backdoor.Linux.Cdorked.a 20150119
VIPRE Trojan.Linux.Cdorked.a (v) 20150119
ViRobot Linux.A.Cdorked.1731266[h] 20150119
Zillya Trojan.Cdorked.Linux.7 20150119
nProtect Linux.Cdorked.A 20150119
AegisLab 20150119
Agnitum 20150119
Alibaba 20150119
Antiy-AVL 20150119
Baidu-International 20150119
Bkav 20150119
ByteHero 20150119
CMC 20150119
Kingsoft 20150119
Malwarebytes 20150119
NANO-Antivirus 20150119
Rising 20150118
SUPERAntiSpyware 20150119
TheHacker 20150119
TotalDefense 20150119
Zoner 20150119
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 8
Section headers 31
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.ctors
.dtors
.jcr
.data.rel.ro
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

FileAccessDate
2015:01:19 17:43:56+01:00

ObjectFileType
Executable file

CPUType
AMD x86-64

FileCreateDate
2015:01:19 17:43:56+01:00

File identification
MD5 1785109e71a8f6eb6fb1ba7cce7c51e6
SHA1 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429
SHA256 7b3cd8c1bd0249df458084f28d91648ad14e1baf455fdd53b174481d540070c6
ssdeep
49152:6ehE9rkdwP4vay9S0ZPu5XT6WbEgkc6KLoAYvE2l0cS74g:6l9rsYvmXn0cS74g

File size 1.7 MB ( 1731266 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped

TrID ELF Executable and Linkable format (Linux) (49.7%)
ELF Executable and Linkable format (generic) (49.4%)
Lumena CEL bitmap (0.7%)
Tags
64bits elf

VirusTotal metadata
First submission 2013-04-16 18:54:21 UTC ( 2 years ago )
Last submission 2014-09-09 14:41:26 UTC ( 7 months, 1 week ago )
File names 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429_oldhttpd
vti-rescan
1785109e71a8f6eb6fb1ba7cce7c51e6
oldhttpd
7b3cd8c1bd0249df458084f28d91648ad14e1baf455fdd53b174481d540070c6
cdorked.a.httpd
24E3EBC0C5A28BA433DFA69C169A8DD90E05C429
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!