× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 800f8b125345784d532b29465b5c57d05287235d3535534186b5edf971bc7fe9
File name: crond32
Detection ratio: 13 / 55
Analysis date: 2016-01-12 02:55:32 UTC ( 1 year, 9 months ago ) View latest
Antivirus Result Update
Avast ELF:Snessik-A [Trj] 20160112
AVG Linux/BackDoor_c.EU 20160112
Comodo UnclassifiedMalware 20160112
DrWeb Linux.BackDoor.Snessik.2 20160112
ESET-NOD32 a variant of Linux/Agent.K 20160112
GData Linux.Trojan.Agent.92EVGN 20160112
Ikarus Trojan.Linux.Agent 20160112
Jiangmin Backdoor/Linux.yg 20160112
Kaspersky HEUR:Backdoor.Linux.Snessik.a 20160112
Qihoo-360 Win32/Trojan.1ee 20160112
Sophos AV Linux/Stlrat-A 20160112
Symantec Linux.Spalooki 20160111
Tencent Linux.Backdoor.Snessik.Eclj 20160112
Ad-Aware 20160112
AegisLab 20160111
Yandex 20160111
AhnLab-V3 20160111
Alibaba 20160111
ALYac 20160112
Antiy-AVL 20160111
Arcabit 20160112
Avira (no cloud) 20160112
AVware 20160111
Baidu-International 20160111
BitDefender 20160112
Bkav 20160111
ByteHero 20160112
CAT-QuickHeal 20160111
ClamAV 20160111
CMC 20160111
Cyren 20160112
Emsisoft 20160112
F-Prot 20160111
F-Secure 20160112
Fortinet 20160111
K7AntiVirus 20160111
K7GW 20160111
Malwarebytes 20160112
McAfee 20160112
McAfee-GW-Edition 20160112
Microsoft 20160112
eScan 20160112
NANO-Antivirus 20160112
nProtect 20160111
Panda 20160111
Rising 20160111
SUPERAntiSpyware 20160112
TheHacker 20160107
TrendMicro 20160112
TrendMicro-HouseCall 20160112
VBA32 20160111
VIPRE 20160112
ViRobot 20160112
Zillya 20160112
Zoner 20160111
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 8
Section headers 31
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rel.dyn
.rel.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

Compressed bundles
File identification
MD5 1faf27f6b8e8a9cadb611f668a01cf73
SHA1 9f827f020a3746dd1d770b71f05e4e24495ee797
SHA256 800f8b125345784d532b29465b5c57d05287235d3535534186b5edf971bc7fe9
ssdeep
768:qQ3uByvrTrKbIotx9aBD+kFlRkfOYHoRW/vxr8QeX0ermyk9tM:L9DTuUo5aBMo2vxw3Eermyk7M

File size 46.4 KB ( 47509 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2015-07-30 12:27:13 UTC ( 2 years, 2 months ago )
Last submission 2017-07-20 05:35:04 UTC ( 3 months ago )
File names 58c99fe20b348702b936abca
crond32
aa
VirusShare_1faf27f6b8e8a9cadb611f668a01cf73
cf38adb5676a69646b17b20339836b6c028ab1a4
gMsJ1UNuw.xlsb
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!