× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 7b3cd8c1bd0249df458084f28d91648ad14e1baf455fdd53b174481d540070c6
File name: 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429_oldhttpd
Detection ratio: 40 / 56
Analysis date: 2015-01-19 16:38:05 UTC ( 3 months ago )
Antivirus Result Update
ALYac Trojan.Rootkit.Linux.CDorked.A 20150119
AVG BackDoor.Generic_c.FFG 20150119
AVware Trojan.Linux.Cdorked.a (v) 20150119
Ad-Aware Linux.Cdorked.A 20150119
AhnLab-V3 Linux/Cdorked 20150119
Avast ELF:Cdorked-F [Trj] 20150119
Avira LINUX/Cdorked.A 20150119
BitDefender Linux.Cdorked.A 20150119
CAT-QuickHeal Backdoor.Linux.Cdorked.a 20150119
ClamAV Unix.Backdoor.Cdorked 20150119
Comodo UnclassifiedMalware 20150119
Cyren ELF/Cdorked.A 20150119
DrWeb Linux.Cdorked.1 20150119
ESET-NOD32 Linux/Cdorked.A 20150119
Emsisoft Linux.Cdorked.A (B) 20150119
F-Prot ELF/Cdorked.A 20150119
F-Secure Backdoor:Linux/Cdorked.A 20150119
Fortinet ELF/Cdorked.A!tr.bdr 20150119
GData Linux.Cdorked.A 20150119
Ikarus Trojan.ELF.Cdorked 20150119
Jiangmin Backdoor.Linux.Cdorked.a 20150118
K7AntiVirus Trojan ( 0001140e1 ) 20150119
Kaspersky Backdoor.Linux.Cdorked.a 20150119
McAfee Linux/BackDoor-Cdorked 20150119
McAfee-GW-Edition Linux/BackDoor-Cdorked 20150119
MicroWorld-eScan Linux.Cdorked.A 20150119
Microsoft Backdoor:Linux/Cdorked.A 20150119
Norman Cdorked.A 20150119
Panda Linux/Cdorked.A 20150119
Qihoo-360 Trojan.Generic 20150119
Sophos Linux/Cdorked-A 20150119
Symantec Linux.Cdorked 20150119
Tencent Linux.Backdoor.Cdorked.Dyqn 20150119
TrendMicro ELF_CDORKED.A 20150119
TrendMicro-HouseCall ELF_CDORKED.A 20150119
VBA32 Backdoor.Linux.Cdorked.a 20150119
VIPRE Trojan.Linux.Cdorked.a (v) 20150119
ViRobot Linux.A.Cdorked.1731266[h] 20150119
Zillya Trojan.Cdorked.Linux.7 20150119
nProtect Linux.Cdorked.A 20150119
AegisLab 20150119
Agnitum 20150119
Alibaba 20150119
Antiy-AVL 20150119
Baidu-International 20150119
Bkav 20150119
ByteHero 20150119
CMC 20150119
Kingsoft 20150119
Malwarebytes 20150119
NANO-Antivirus 20150119
Rising 20150118
SUPERAntiSpyware 20150119
TheHacker 20150119
TotalDefense 20150119
Zoner 20150119
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 8
Section headers 31
ELF sections
ELF Segments
Segment without sections
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata

Little endian

64 bit

ELF executable

2015:01:19 17:43:56+01:00

Executable file

AMD x86-64

2015:01:19 17:43:56+01:00

File identification
MD5 1785109e71a8f6eb6fb1ba7cce7c51e6
SHA1 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429
SHA256 7b3cd8c1bd0249df458084f28d91648ad14e1baf455fdd53b174481d540070c6

File size 1.7 MB ( 1731266 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped

TrID ELF Executable and Linkable format (Linux) (49.7%)
ELF Executable and Linkable format (generic) (49.4%)
Lumena CEL bitmap (0.7%)
64bits elf

VirusTotal metadata
First submission 2013-04-16 18:54:21 UTC ( 2 years ago )
Last submission 2014-09-09 14:41:26 UTC ( 7 months, 1 week ago )
File names 24e3ebc0c5a28ba433dfa69c169a8dd90e05c429_oldhttpd
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!