SHA256: 92fd1971f7ac512d096821a4bf8553bc13d1c478680999dd2e15400fe8973793
File name: 9521.ChinaZ.DDoS.mmd
Detection ratio: 8 / 55
Analysis date: 2015-01-14 06:23:16 UTC ( 3 years, 9 months ago )
Antivirus Result Update
Ad-Aware Linux.DDOS.Flood.I 20150113
ALYac Linux.DDOS.Flood.I 20150113
Avast ELF:Flooder-AL [Trj] 20150113
BitDefender Linux.DDOS.Flood.I 20150113
DrWeb Linux.DDoS.31 20150114
Emsisoft Linux.DDOS.Flood.I (B) 20150113
GData Linux.DDOS.Flood.I 20150111
nProtect Linux.DDOS.Flood.I 20150109
AegisLab 20150113
Yandex 20150113
AhnLab-V3 20150112
Alibaba 20150114
Antiy-AVL 20150112
AVG 20150113
Avira (no cloud) 20150110
AVware 20150113
Baidu-International 20150113
Bkav 20150113
ByteHero 20150114
CAT-QuickHeal 20150110
ClamAV 20150114
Comodo 20150113
Cyren 20150113
ESET-NOD32 20150113
F-Prot 20150113
Fortinet 20150114
Ikarus 20150111
Jiangmin 20150112
K7AntiVirus 20150112
K7GW 20150110
Kaspersky 20150111
Kingsoft 20150114
Malwarebytes 20150111
McAfee 20150111
McAfee-GW-Edition 20150112
Microsoft 20150112
eScan None
NANO-Antivirus 20150111
Norman 20150111
Panda 20150111
Qihoo-360 20150114
Rising 20150112
Sophos AV 20150114
SUPERAntiSpyware 20150113
Symantec 20150112
Tencent 20150114
TheHacker 20150112
TotalDefense 20150111
TrendMicro 20150111
TrendMicro-HouseCall 20150112
VBA32 20150113
VIPRE 20150111
ViRobot 20150110
Zillya 20150113
Zoner 20150112
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 27
ELF sections
.note.ABI-tag
.note.gnu.build-id
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.init_array
.fini_array
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
ELF Segments
.note.ABI-tag
.note.gnu.build-id
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 b7e3ca05806aa99cad9d3768ff90f1d9
SHA1 4676009315748facd11c25e5a1fc56acc0225ae9
SHA256 92fd1971f7ac512d096821a4bf8553bc13d1c478680999dd2e15400fe8973793
ssdeep 12288:LKtyypyWkpM0V75e6l7qtDkyBBPL4/1j6sygt9/QNi/ZXRFFFFLFFFFFFFFFFFFz:QyypyDM0x5e6l7qXf26tgtZ/DX
File size 604.4 KB ( 618948 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.26, stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2015-01-13 06:04:59 UTC ( 3 years, 9 months ago )
Last submission 2018-05-15 00:04:06 UTC ( 5 months ago )
File names 9521.ChinaZ.DDoS.mmd
0113
4676009315748facd11c25e5a1fc56acc0225ae9_9521
9521
b7e3ca05806aa99cad9d3768ff90f1d9
vti-rescan