SHA256: 93b9471914f8396ec36f4f3bd0d963bc6cd8dd44452ef8963ad8d4f20a5e9952
File name: sjkjgucew
Detection ratio: 28 / 58
Analysis date: 2017-08-07 09:16:48 UTC ( 1 year, 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Xorddos.K 20170807
AhnLab-V3 Linux/Flooder.557760 20170806
ALYac Trojan.Linux.Xorddos.K 20170807
Antiy-AVL Trojan[DDoS]/Linux.Xarcen.d 20170807
Arcabit Trojan.Linux.Xorddos.K 20170807
Avast ELF:Xorddos-M [Trj] 20170807
AVG ELF:Xorddos-M [Trj] 20170807
BitDefender Trojan.Linux.Xorddos.K 20170807
DrWeb Linux.DDoS.86 20170807
Emsisoft Trojan.Linux.Xorddos.K (B) 20170807
ESET-NOD32 a variant of Linux/Xorddos.P 20170807
F-Secure Trojan.Linux.Xorddos.K 20170807
GData Trojan.Linux.Xorddos.K 20170807
Ikarus Trojan.Linux.Xorddos 20170807
Jiangmin TrojanDDoS.Linux.gb 20170807
Kaspersky HEUR:Trojan-DDoS.Linux.Xarcen.d 20170807
MAX malware (ai score=89) 20170807
Microsoft DoS:Linux/Xorddos!rfn 20170807
eScan Trojan.Linux.Xorddos.K 20170807
NANO-Antivirus Trojan.Unix.Xorddos.efutws 20170806
Panda ELF/XorDDos.A 20170806
Rising Trojan.DDoS-Xor/Linux!1.A3E4 (classic) 20170807
Sophos AV Linux/DDoS-BH 20170807
Symantec Linux.Xorddos 20170807
TrendMicro ELF_XORDDOS.SM 20170807
TrendMicro-HouseCall ELF_XORDDOS.SM 20170807
Zillya Downloader.OpenConnection.JS.224624 20170806
ZoneAlarm by Check Point HEUR:Trojan-DDoS.Linux.Xarcen.d 20170807
AegisLab 20170807
Alibaba 20170807
Avira (no cloud) 20170807
AVware 20170807
Baidu 20170807
Bkav 20170807
CAT-QuickHeal 20170807
ClamAV 20170807
CMC 20170805
Comodo 20170807
CrowdStrike Falcon (ML) 20170710
Cylance 20170807
Cyren 20170807
Endgame 20170721
F-Prot 20170807
Fortinet 20170807
Sophos ML 20170607
K7AntiVirus 20170807
K7GW 20170807
Kingsoft 20170807
Malwarebytes 20170807
McAfee 20170807
McAfee-GW-Edition 20170807
nProtect 20170807
Palo Alto Networks (Known Signatures) 20170807
Qihoo-360 20170807
SentinelOne (Static ML) 20170806
SUPERAntiSpyware 20170807
Symantec Mobile Insight 20170807
Tencent 20170807
TheHacker 20170806
Trustlook 20170807
VBA32 20170803
VIPRE 20170807
ViRobot 20170807
Webroot 20170807
WhiteArmor 20170731
Yandex 20170801
Zoner 20170807
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 26
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386

File identification
MD5 b4ccf2ecf75f83fd75adcb3f684cb580
SHA1 83bc3bebe3c7e81cca450accc920363600771815
SHA256 93b9471914f8396ec36f4f3bd0d963bc6cd8dd44452ef8963ad8d4f20a5e9952
ssdeep 12288:JbinNy0Y1nvEtXBx6DkkJmAGyPexU279WnjVZ6ySWKI:1iNy0evmxvkJmApPexUm9cVEm

File size 544.7 KB ( 557798 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2017-08-07 09:16:48 UTC ( 1 year, 2 months ago )
Last submission 2017-08-07 09:16:48 UTC ( 1 year, 2 months ago )
File names sjkjgucew