SHA256: 92a260d856e00056469fb26f5305a37f6ab443d735d1476281b053b10b3c4f86
File name: a08.zip.ELF.ChinaZDdos
Detection ratio: 27 / 54
Analysis date: 2015-06-23 16:54:00 UTC ( 2 years, 3 months ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.BIXD 20150623
ALYac Trojan.Agent.BIXD 20150623
Arcabit Trojan.Agent.BIXD 20150623
Avast ELF:Xorddos-M [Trj] 20150623
AVG Linux/DDoS.XOR 20150623
BitDefender Trojan.Agent.BIXD 20150623
CAT-QuickHeal Linux.Xarcen.P6ac 20150623
ClamAV Unix.Trojan.DDoS_XOR-1 20150623
DrWeb Linux.DDoS.60 20150623
Emsisoft Trojan.Agent.BIXD (B) 20150623
ESET-NOD32 a variant of Linux/Xorddos.F 20150623
F-Secure Trojan.Agent.BIXD 20150623
Fortinet ELF/DDoS.BH!tr 20150623
GData Trojan.Agent.BIXD 20150623
Ikarus Trojan.DDoS 20150623
Jiangmin TrojanDDoS.Linux.k 20150620
Kaspersky HEUR:Trojan-DDoS.Linux.Xarcen.a 20150623
Microsoft DoS:Linux/Xorddos.A 20150623
eScan Trojan.Agent.BIXD 20150623
NANO-Antivirus Trojan.Unix.Xarcen.dsqiab 20150622
nProtect Trojan.Agent.BIXD 20150623
Qihoo-360 Trojan.Generic 20150623
Rising NORMAL:Trojan.Linux.Xorddos.d!1616198 20150618
Tencent Linux.Trojan-ddos.Xarcen.Lohw 20150623
TrendMicro ELF_XORDDOS.B 20150623
TrendMicro-HouseCall ELF_XORDDOS.B 20150623
Zillya Downloader.OpenConnection.JS.114052 20150623
AegisLab 20150623
Yandex 20150622
AhnLab-V3 20150623
Alibaba 20150623
Antiy-AVL 20150623
Avira (no cloud) 20150623
AVware 20150623
Baidu-International 20150623
Bkav 20150623
ByteHero 20150623
Comodo 20150623
Cyren 20150623
F-Prot 20150623
K7AntiVirus 20150623
K7GW 20150623
Kingsoft 20150623
Malwarebytes 20150623
McAfee 20150623
McAfee-GW-Edition 20150623
Panda 20150622
SUPERAntiSpyware 20150623
Symantec 20150623
TheHacker 20150622
VBA32 20150622
VIPRE 20150623
ViRobot 20150623
Zoner 20150623
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 a99c10cb9713770b9e7dda376cddee3a
SHA1 1f1dd4d74eba8949fb1d2316c13f77b3ffa96f98
SHA256 92a260d856e00056469fb26f5305a37f6ab443d735d1476281b053b10b3c4f86
ssdeep 12288:UB1tATMVAqnf+ExxBHYpmA38X8LYkCW6TiOx6yB1/iGK4UlUuTh1AG:UB1BVpmExDYp38X8LYTWhOfNiGQl/91h

File size 611.0 KB ( 625707 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2015-04-07 07:33:12 UTC ( 2 years, 5 months ago )
Last submission 2017-02-25 02:15:23 UTC ( 7 months ago )
File names 20150606094758_http___148_163_29_85_i_a08_zip
HRzNjoe.dotx
a08
VirusShare_a99c10cb9713770b9e7dda376cddee3a
a08.zip.ELF.XorDdos
a08.zip.ELF.ChinaZDdos
Kconfig.dpkg-tmp
a08.zip
3f89b3e75f44d7f1ab9fa595b09e46cb0e8e878b
a08
ahsnfueirm
LWn7LXhBH.dotm