SHA256: 859a952ff05806c9e0652a9ba18d521e57090d4e3ed3bef07442e42ca1df04b6
File name: oaytolmhgi
Detection ratio: 6 / 56
Analysis date: 2014-12-18 08:51:29 UTC ( 4 years, 2 months ago )
Antivirus Result Update
AhnLab-V3 Linux/Flooder.471725 20141218
Avast ELF:Xorddos-A [Trj] 20141218
DrWeb Linux.DDoS.61 20141218
GData Linux.Trojan.Agent.25NJ54 20141218
Ikarus Trojan.Linux.Agent 20141218
Kaspersky HEUR:Trojan-DDoS.Linux.Agent.a 20141218
Ad-Aware 20141218
AegisLab 20141218
Yandex 20141217
ALYac 20141218
Antiy-AVL 20141218
AVG 20141218
Avira (no cloud) 20141218
AVware 20141218
Baidu-International 20141218
BitDefender 20141218
Bkav 20141217
ByteHero 20141218
CAT-QuickHeal 20141218
ClamAV 20141218
CMC 20141218
Comodo 20141218
Cyren 20141218
Emsisoft 20141218
ESET-NOD32 20150101
F-Prot 20141218
F-Secure 20150101
Fortinet 20141218
Jiangmin 20141217
K7AntiVirus 20141217
K7GW 20141218
Kingsoft 20141218
Malwarebytes 20141218
McAfee 20141218
McAfee-GW-Edition 20150101
Microsoft 20141218
eScan 20141218
NANO-Antivirus 20141218
Norman 20141218
nProtect 20141217
Panda 20141217
Qihoo-360 20150101
Rising 20141217
Sophos AV 20141218
SUPERAntiSpyware 20141218
Symantec 20141218
Tencent 20141218
TheHacker 20141217
TotalDefense 20141218
TrendMicro 20141218
TrendMicro-HouseCall 20141218
VBA32 20141217
VIPRE 20141218
ViRobot 20141218
Zillya 20141216
Zoner 20141216
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 9
Section headers 35
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.init_array
.fini_array
.jcr
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
.init_array
.fini_array
.jcr
.dynamic
.got
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 64 bit
FileType ELF executable
ObjectFileType Executable file
CPUType AMD x86-64

File identification
MD5 5512e9daf8c93c284088ca845317d64a
SHA1 bc898dbf9b6034a3968d49b1432cdb4b1e0dd19d
SHA256 859a952ff05806c9e0652a9ba18d521e57090d4e3ed3bef07442e42ca1df04b6
ssdeep 6144:PW54xf13YIMh/ZnNpHeQwirtMOqQB1KFHKmOi9HJPMeqpg/:PW54xf13grNcQwiBMTQC7PMY/

File size 460.7 KB ( 471725 bytes )
File type ELF
Magic literal ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.24, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags 64bits elf

VirusTotal metadata
First submission 2014-10-28 10:33:09 UTC ( 4 years, 3 months ago )
Last submission 2015-01-12 09:28:02 UTC ( 4 years, 1 month ago )
File names vti-rescan, oaytolmhgi, wnvtvxtrdi