× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 85f839fbc3af21bdffacfbbd73aa23b460b10aa96d89470a1fd1b851eb513ecc
File name: thorizes
Detection ratio: 7 / 55
Analysis date: 2014-09-20 16:11:26 UTC ( 4 years, 6 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-AS [Trj] 20140920
ESET-NOD32 Linux/Agent.I.Gen 20140919
Fortinet ELF/Ganiw.A!tr 20140920
Ikarus Trojan.Linux.Agent 20140920
Kaspersky Backdoor.Linux.Ganiw.a 20140920
Sophos AV Linux/DDoS-BD 20140920
Symantec Trojan.Chikdos.B!gen2 20140920
Ad-Aware 20140920
AegisLab 20140920
Yandex 20140920
AhnLab-V3 20140920
Antiy-AVL 20140920
AVG 20140920
Avira (no cloud) 20140920
AVware 20140920
Baidu-International 20140920
BitDefender 20140920
Bkav 20140920
ByteHero 20140920
CAT-QuickHeal 20140920
ClamAV 20140920
CMC 20140918
Comodo 20140920
Cyren 20140920
DrWeb 20140920
Emsisoft 20140920
F-Prot 20140920
F-Secure 20140920
GData 20140920
Jiangmin 20140919
K7AntiVirus 20140919
K7GW 20140919
Kingsoft 20140920
Malwarebytes 20140920
McAfee 20140920
McAfee-GW-Edition 20140920
Microsoft 20140920
eScan 20140920
NANO-Antivirus 20140920
Norman 20140920
nProtect 20140919
Panda 20140920
Qihoo-360 20140920
Rising 20140920
SUPERAntiSpyware 20140920
Tencent 20140920
TheHacker 20140919
TotalDefense 20140920
TrendMicro 20140920
TrendMicro-HouseCall 20140920
VBA32 20140919
VIPRE 20140920
ViRobot 20140920
Zillya 20140920
Zoner 20140919
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 b4dd0283c73d0b288e7322b95df0cb1b
SHA1 fea8bcfe431d6eb62bdc5b0f652171dff39931e6
SHA256 85f839fbc3af21bdffacfbbd73aa23b460b10aa96d89470a1fd1b851eb513ecc
ssdeep
24576:e845rlHu6gVJKG75oFpA0VWGX4G2y1q2rJp0:745wRVJKGtSA0VWGoVu9p0

File size 1.2 MB ( 1223123 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2014-09-20 16:11:26 UTC ( 4 years, 6 months ago )
Last submission 2018-10-09 10:21:37 UTC ( 5 months, 1 week ago )
File names b4dd0283c73d0b288e7322b95df0cb1b
thorizes
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!