SHA256: 994c6a202d7d4d82520c5bb7c3f719a39e6ce5bf9d89add804105858bb2aff96
File name: VirusShare_e7c2f99b30daf8d99f6b5911d25fd8c7
Detection ratio: 38 / 58
Analysis date: 2018-10-09 10:07:46 UTC ( 2 months ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Generic.1503 20181009
AhnLab-V3 Linux/Ddosagent.1524643 20181009
ALYac Backdoor.Linux.Mayday 20181009
Antiy-AVL Trojan[Backdoor]/Linux.Mayday.f 20181009
Arcabit Trojan.Linux.Generic.D5DF 20181009
Avast ELF:Elknot-BY [Trj] 20181009
AVG ELF:Elknot-BY [Trj] 20181009
BitDefender Trojan.Linux.Generic.1503 20181009
CAT-QuickHeal Trojan.Linux.Elknot.C 20181008
ClamAV Unix.Trojan.Elknot-1 20181009
Comodo UnclassifiedMalware 20181009
Cyren ELF/Trojan.LPKQ-2 20181009
DrWeb Linux.DDoS.11 20181009
Emsisoft Trojan.Linux.Generic.1503 (B) 20181009
ESET-NOD32 Linux/Elknot.B 20181009
F-Secure Trojan.Linux.Generic.1503 20181009
Fortinet ELF/DDOS.BA!tr.bdr 20181009
GData Trojan.Linux.Generic.1503 20181009
Ikarus DoS.Linux.Elknot 20181009
Jiangmin Backdoor/Linux.hw 20181009
K7AntiVirus Trojan ( 0001140e1 ) 20181009
K7GW Trojan ( 0001140e1 ) 20181009
Kaspersky Backdoor.Linux.Mayday.f 20181009
MAX malware (ai score=100) 20181009
McAfee Linux/BackDoor 20181009
McAfee-GW-Edition Linux/BackDoor 20181009
Microsoft DoS:Linux/Elknot!rfn 20181009
eScan Trojan.Linux.Generic.1503 20181009
NANO-Antivirus Trojan.Elf32.DDoS.dnckxa 20181009
Qihoo-360 Win32/Trojan.9e3 20181009
Sophos AV Linux/DDoS-AZ 20181009
Symantec Linux.Chikdos.B 20181009
Tencent Trojan.Linux.Mayday.a 20181009
TotalDefense Linux/Mayday.A 20181009
TrendMicro ELF_ELKNOT.TNI 20181009
TrendMicro-HouseCall ELF_ELKNOT.TNI 20181009
Zillya Downloader.OpenConnection.JS.93127 20181008
ZoneAlarm by Check Point Backdoor.Linux.Mayday.f 20181009
AegisLab 20181009
Alibaba 20180921
Avast-Mobile 20181008
Avira (no cloud) 20181009
AVware 20180925
Babable 20180918
Baidu 20181009
Bkav 20181008
CMC 20181009
CrowdStrike Falcon (ML) 20180723
Cybereason 20180225
Cylance 20181009
eGambit 20181009
Endgame 20180730
F-Prot 20181009
Sophos ML 20180717
Kingsoft 20181009
Malwarebytes 20181009
Palo Alto Networks (Known Signatures) 20181009
Panda 20181008
Rising 20181009
SentinelOne (Static ML) 20180926
SUPERAntiSpyware 20181006
Symantec Mobile Insight 20181001
TACHYON 20181009
TheHacker 20181008
Trustlook 20181009
VBA32 20181009
ViRobot 20181008
Webroot 20181009
Yandex 20181008
Zoner 20181008
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
ELF Segments
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
Compressed bundles
File identification
MD5 e7c2f99b30daf8d99f6b5911d25fd8c7
SHA1 06957097fe51829b4c7e8009cd3dce5ba565e920
SHA256 994c6a202d7d4d82520c5bb7c3f719a39e6ce5bf9d89add804105858bb2aff96
ssdeep
24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhG0+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rh/bccIwhL

File size 1.5 MB ( 1524643 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2014-01-25 15:22:50 UTC ( 4 years, 10 months ago )
Last submission 2018-10-09 10:07:46 UTC ( 2 months ago )
File names gfhjrtfyhuf
aa
download.1397325308
sksapd
codex-gigas_9151edcd6845b8aeae7fba1315572f01
gfhjrtfyhuf_virus
e7c2f99b30daf8d99f6b5911d25fd8c7
vti-rescan
gfhjrtfyhuf.decomp
20140129110955_http___122_224_34_75_8182_sksapdd
VirusShare_e7c2f99b30daf8d99f6b5911d25fd8c7
noname
download.1398159465
sksapdd
cJqNwl_Gl.xltm