| SHA256: | 800f8b125345784d532b29465b5c57d05287235d3535534186b5edf971bc7fe9 |
| File name: | crond32 |
| Detection ratio: | 13 / 55 |
| Analysis date: | 2016-01-12 02:55:32 UTC ( 1 year, 9 months ago ) View latest |
| Antivirus | Result | Update |
|---|---|---|
| Avast | ELF:Snessik-A [Trj] | 20160112 |
| AVG | Linux/BackDoor_c.EU | 20160112 |
| Comodo | UnclassifiedMalware | 20160112 |
| DrWeb | Linux.BackDoor.Snessik.2 | 20160112 |
| ESET-NOD32 | a variant of Linux/Agent.K | 20160112 |
| GData | Linux.Trojan.Agent.92EVGN | 20160112 |
| Ikarus | Trojan.Linux.Agent | 20160112 |
| Jiangmin | Backdoor/Linux.yg | 20160112 |
| Kaspersky | HEUR:Backdoor.Linux.Snessik.a | 20160112 |
| Qihoo-360 | Win32/Trojan.1ee | 20160112 |
| Sophos AV | Linux/Stlrat-A | 20160112 |
| Symantec | Linux.Spalooki | 20160111 |
| Tencent | Linux.Backdoor.Snessik.Eclj | 20160112 |
| Ad-Aware | 20160112 | |
| AegisLab | 20160111 | |
| Yandex | 20160111 | |
| AhnLab-V3 | 20160111 | |
| Alibaba | 20160111 | |
| ALYac | 20160112 | |
| Antiy-AVL | 20160111 | |
| Arcabit | 20160112 | |
| Avira (no cloud) | 20160112 | |
| AVware | 20160111 | |
| Baidu-International | 20160111 | |
| BitDefender | 20160112 | |
| Bkav | 20160111 | |
| ByteHero | 20160112 | |
| CAT-QuickHeal | 20160111 | |
| ClamAV | 20160111 | |
| CMC | 20160111 | |
| Cyren | 20160112 | |
| Emsisoft | 20160112 | |
| F-Prot | 20160111 | |
| F-Secure | 20160112 | |
| Fortinet | 20160111 | |
| K7AntiVirus | 20160111 | |
| K7GW | 20160111 | |
| Malwarebytes | 20160112 | |
| McAfee | 20160112 | |
| McAfee-GW-Edition | 20160112 | |
| Microsoft | 20160112 | |
| eScan | 20160112 | |
| NANO-Antivirus | 20160112 | |
| nProtect | 20160111 | |
| Panda | 20160111 | |
| Rising | 20160111 | |
| SUPERAntiSpyware | 20160112 | |
| TheHacker | 20160107 | |
| TrendMicro | 20160112 | |
| TrendMicro-HouseCall | 20160112 | |
| VBA32 | 20160111 | |
| VIPRE | 20160112 | |
| ViRobot | 20160112 | |
| Zillya | 20160112 | |
| Zoner | 20160111 |
The file being studied is an ELF!
More specifically, it is a EXEC (Executable file) ELF
for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 8
Section headers 31
ELF sections
ELF Segments
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream
CPUByteOrder
Little endian
CPUArchitecture
32 bit
FileType
ELF executable
ObjectFileType
Executable file
CPUType
i386
Compressed bundles
File identification
MD5 1faf27f6b8e8a9cadb611f668a01cf73
SHA1 9f827f020a3746dd1d770b71f05e4e24495ee797
SHA256 800f8b125345784d532b29465b5c57d05287235d3535534186b5edf971bc7fe9
ssdeep
768:qQ3uByvrTrKbIotx9aBD+kFlRkfOYHoRW/vxr8QeX0ermyk9tM:L9DTuUo5aBMo2vxw3Eermyk7M
File size
46.4 KB ( 47509 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped
| TrID |
ELF Executable and Linkable format (Linux) (50.1%) ELF Executable and Linkable format (generic) (49.8%) |
Tags
elf
VirusTotal metadata
First submission
2015-07-30 12:27:13 UTC ( 2 years, 2 months ago )
Last submission
2017-07-20 05:35:04 UTC ( 3 months ago )
| File names |
58c99fe20b348702b936abca crond32 aa VirusShare_1faf27f6b8e8a9cadb611f668a01cf73 cf38adb5676a69646b17b20339836b6c028ab1a4 gMsJ1UNuw.xlsb |
No comments.
No VirusTotal Community member has commented on this item yet, be the first one to do so!
You have not signed in. Only registered users can leave comments, sign in and have a voice!
No votes.
No one has voted on this item yet, be the first one to do so!