SHA256: 834eb864a29471d0abe178068c259470e4403eb546554247e2f5832acf9586ab
File name: 3502
Detection ratio: 1 / 55
Analysis date: 2014-09-26 15:01:49 UTC ( 2 years, 11 months ago )
Antivirus Result Update
Ikarus Trojan.DDoS 20140926
Ad-Aware 20140926
AegisLab 20140926
Yandex 20140926
AhnLab-V3 20140926
Antiy-AVL 20140926
Avast 20140926
AVG 20140926
Avira (no cloud) 20140926
AVware 20140926
Baidu-International 20140926
BitDefender 20140926
Bkav 20140925
ByteHero 20140926
CAT-QuickHeal 20140926
ClamAV 20140926
CMC 20140925
Comodo 20140926
Cyren 20140926
DrWeb 20140926
Emsisoft 20140926
ESET-NOD32 20140926
F-Prot 20140926
F-Secure 20140926
Fortinet 20140926
GData 20140926
Jiangmin 20140925
K7AntiVirus 20140926
K7GW 20140926
Kaspersky 20140926
Kingsoft 20140926
Malwarebytes 20140926
McAfee 20140926
McAfee-GW-Edition 20140925
Microsoft 20140926
eScan 20140926
NANO-Antivirus 20140926
Norman 20140926
nProtect 20140926
Panda 20140926
Qihoo-360 20140926
Rising 20140926
Sophos AV 20140926
SUPERAntiSpyware 20140926
Symantec 20140926
Tencent 20140926
TheHacker 20140924
TotalDefense 20140926
TrendMicro 20140926
TrendMicro-HouseCall 20140926
VBA32 20140926
VIPRE 20140926
ViRobot 20140926
Zillya 20140925
Zoner 20140925
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
ELF Segments
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 ea1eefeca5af73afad4f6ca0284da736
SHA1 12cd4bffb129f91370d1edcf94747de3bdcb3305
SHA256 834eb864a29471d0abe178068c259470e4403eb546554247e2f5832acf9586ab
ssdeep 12288:IB7tZvFfN5nyhPR6SVsqrcdfUBFLlGNZBjHoPEh6y/KD0lwMogq3whrAZ2:IB7Jfryh5dsqifUBFLlGNZpVlW0lMgqg
File size 605.2 KB ( 619749 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf
VirusTotal metadata
First submission 2014-09-26 15:00:05 UTC ( 2 years, 11 months ago )
Last submission 2016-05-03 08:04:45 UTC ( 1 year, 4 months ago )
File names 12cd4bffb129f91370d1edcf94747de3bdcb3305_3502
ea1eefeca5af73afad4f6ca0284da736.exe
3502
vti-rescan
834eb864a29471d0abe178068c259470e4403eb546554247e2f5832acf9586ab
CVkviCZtXR.com
ea1eefeca5af73afad4f6ca0284da736
834eb864a29471d0abe178068c259470e4403eb546554247e2f5832acf9586ab.bin
EA1EEFECA5AF73AFAD4F6CA0284DA736