× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: 92c87b7bddb66de8a5a27d944b5d4b46c59b38047b8a5fc381118c615c3775f9
File name: sample
Detection ratio: 14 / 54
Analysis date: 2014-07-29 03:50:01 UTC ( 3 years, 11 months ago ) View latest
Antivirus Result Update
Avast ELF:Elknot-N [Trj] 20140729
AVware Backdoor.Linux.Elknot.f (v) 20140729
ClamAV Unix.Trojan.Elknot-1 20140728
Comodo UnclassifiedMalware 20140729
DrWeb Linux.DDoS.6 20140729
ESET-NOD32 Linux/Agent.F.Gen 20140729
Ikarus DoS.Linux.Elknot 20140729
Jiangmin Backdoor/Linux.ju 20140725
Kaspersky Backdoor.Linux.Mayday.g 20140729
Microsoft DoS:Linux/Elknot.G 20140729
Qihoo-360 Trojan.Generic 20140729
Sophos AV Linux/DDoS-AZ 20140729
TrendMicro-HouseCall Suspicious_GEN.F47V0720 20140729
VIPRE Backdoor.Linux.Elknot.f (v) 20140729
Ad-Aware 20140729
AegisLab 20140729
Yandex 20140727
AhnLab-V3 20140728
AntiVir 20140728
Antiy-AVL 20140729
AVG 20140728
Baidu-International 20140728
BitDefender 20140729
Bkav 20140728
ByteHero 20140729
CAT-QuickHeal 20140728
CMC 20140728
Commtouch 20140729
Emsisoft 20140729
F-Prot 20140729
F-Secure 20140729
Fortinet 20140729
GData 20140729
K7AntiVirus 20140728
K7GW 20140728
Kingsoft 20140729
Malwarebytes 20140729
McAfee 20140729
McAfee-GW-Edition 20140728
eScan 20140729
NANO-Antivirus 20140729
Norman 20140728
nProtect 20140728
Panda 20140728
Rising 20140728
SUPERAntiSpyware 20140729
Symantec 20140729
Tencent 20140729
TheHacker 20140728
TotalDefense 20140728
TrendMicro 20140729
VBA32 20140728
ViRobot 20140728
Zoner 20140723
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 24
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 917a2a3d8c30282acbe7b1ff121a4336
SHA1 b1a74442b1972ebe82449c0d7437daa84079735e
SHA256 92c87b7bddb66de8a5a27d944b5d4b46c59b38047b8a5fc381118c615c3775f9
ssdeep
49152:GcXSFzulIxJ2lG4EmR8pfbTZsDjai1HrkEgJRuYa7WJbiGVetR65nZmRHX0gFJsM:GcXS1ulIxJ2lGHpfbTZsDjDaRnRiGURL

File size 2.4 MB ( 2492148 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, stripped

TrID ELF Executable and Linkable format (generic) (100.0%)
Tags
elf

VirusTotal metadata
First submission 2014-07-19 23:16:24 UTC ( 4 years ago )
Last submission 2014-07-29 03:50:01 UTC ( 3 years, 11 months ago )
File names sample
txmap
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!