SHA256: 98a0e070e4675915dcd6317b266cc8e025a271e7ff3e633bc21bb6f6933f0223
File name: a47179c51c2b9ea438ee75b30716388612b900ea_9999
Detection ratio: 31 / 55
Analysis date: 2016-11-17 06:38:53 UTC ( 7 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Ddos.C 20161117
AegisLab Linux.Mrblack.Gen!c 20161117
AhnLab-V3 Linux/Ddostf.754508 20161116
ALYac Trojan.Linux.Ddos.C 20161117
Antiy-AVL Trojan[DDoS]/Linux.Ddostf.a 20161117
Arcabit Trojan.Linux.Ddos.C 20161117
Avast ELF:Ddostf-A 20161117
AVG Linux/Generic_c.ARJ 20161117
Avira (no cloud) LINUX/Ddostf.EL.1 20161116
BitDefender Trojan.Linux.Ddos.C 20161117
CAT-QuickHeal Trojan.Linux.DDos.TF 20161117
DrWeb Linux.DDoS.82 20161117
Emsisoft Trojan.Linux.Ddos.C (B) 20161117
ESET-NOD32 Linux/Ddostf.A 20161117
F-Secure Trojan.Linux.Ddos.C 20161117
GData Trojan.Linux.Ddos.C 20161117
Ikarus Trojan.Linux.ChinaZ 20161116
Jiangmin TrojanDDoS.Linux.er 20161116
K7AntiVirus Trojan ( 0001140e1 ) 20161116
K7GW Trojan ( 0001140e1 ) 20161117
Kaspersky HEUR:Trojan-DDoS.Linux.Ddostf.a 20161117
McAfee Linux/Ddostf 20161117
McAfee-GW-Edition Linux/Ddostf 20161116
eScan Trojan.Linux.Ddos.C 20161117
NANO-Antivirus Trojan.Unix.Ddostf.ebdodd 20161117
Qihoo-360 Win32/Virus.DDoS.410 20161117
Sophos Linux/DDoS-TF 20161117
Symantec DDoS.Trojan 20161117
Tencent Linux.Trojan-ddos.Ddostf.Wuqz 20161117
ViRobot Trojan.Linux.S.DDoS-Agent.754508[h] 20161117
Zillya Trojan.Ddostf.Linux.1 20161116
Alibaba 20161117
AVware 20161117
Baidu 20161117
Bkav 20161116
ClamAV 20161117
CMC 20161117
Comodo 20161117
CrowdStrike Falcon (ML) 20161024
Cyren 20161117
F-Prot 20161117
Fortinet 20161117
Invincea 20161018
Kingsoft 20161117
Malwarebytes 20161117
Microsoft 20161117
nProtect 20161117
Panda 20161115
Rising 20161117
SUPERAntiSpyware 20161117
TheHacker 20161115
TotalDefense 20161116
TrendMicro 20161117
TrendMicro-HouseCall 20161117
VBA32 20161115
VIPRE 20161117
Yandex 20161116
Zoner 20161117
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - Linux
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 30
ELF sections
ELF Segments
.note.ABI-tag
.rel.plt
.init
.plt
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.stapsdt.base
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
Compressed bundles
File identification
MD5 dac95d35a611cc8b4f21f9f77e10ead9
SHA1 a47179c51c2b9ea438ee75b30716388612b900ea
SHA256 98a0e070e4675915dcd6317b266cc8e025a271e7ff3e633bc21bb6f6933f0223
ssdeep 12288:lTurEUKhROhnCzrwsrsNuRIHZB62atXtjBIuMAI0VpnJJyeVxy5la8AJv:lqrEJhROh8rwKsNrDK9xM3cJyeg0Jv
File size 736.8 KB ( 754508 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (GNU/Linux), statically linked, for GNU/Linux 2.6.18, from 'p) 4@%edi 4@$0', stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2015-11-27 05:51:48 UTC ( 1 year, 7 months ago )
Last submission 2016-01-19 10:26:56 UTC ( 1 year, 5 months ago )
File names a47179c51c2b9ea438ee75b30716388612b900ea_9999