× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: a7933180f8525512f953717c353c819f5de5864485c359b0240ffa50d5588f07
File name: bash.x64.Linux.KillFile.mmd
Detection ratio: 2 / 55
Analysis date: 2015-07-20 05:11:25 UTC ( 3 years, 10 months ago ) View latest
Antivirus Result Update
Avast ELF:Iptablesx-I [Drp] 20150720
Symantec Downloader 20150720
Ad-Aware 20150720
AegisLab 20150719
Yandex 20150717
AhnLab-V3 20150719
Alibaba 20150720
ALYac 20150720
Antiy-AVL 20150720
Arcabit 20150720
AVG 20150720
Avira (no cloud) 20150717
AVware 20150720
Baidu-International 20150719
BitDefender 20150720
Bkav 20150718
ByteHero 20150720
CAT-QuickHeal 20150717
ClamAV 20150717
Comodo 20150720
Cyren 20150720
DrWeb 20150720
Emsisoft 20150720
ESET-NOD32 20150720
F-Prot 20150720
F-Secure 20150720
Fortinet 20150720
GData 20150720
Ikarus 20150720
Jiangmin 20150719
K7AntiVirus 20150719
K7GW 20150720
Kaspersky 20150720
Kingsoft 20150720
Malwarebytes 20150720
McAfee 20150720
McAfee-GW-Edition 20150719
Microsoft 20150720
eScan 20150720
NANO-Antivirus 20150720
nProtect 20150717
Panda 20150719
Qihoo-360 20150720
Rising 20150718
Sophos AV 20150720
SUPERAntiSpyware 20150720
Tencent 20150720
TheHacker 20150717
TrendMicro 20150720
TrendMicro-HouseCall 20150720
VBA32 20150718
VIPRE 20150720
ViRobot 20150720
Zillya 20150719
Zoner 20150720
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 8
Section headers 30
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.ctors
.dtors
.jcr
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

File identification
MD5 bbba83f2d69166005f35807e93261b58
SHA1 922b175fa06d6dbf06789c6583b5d3cfc716dc01
SHA256 a7933180f8525512f953717c353c819f5de5864485c359b0240ffa50d5588f07
ssdeep
192:GO8B/xUgGO5XbZ/0enQvtvbBaE/RKo+8PUK/njS/ZwAWOR5OTifbeP:SQgGML5TQvBb3/RKo+PEJAdOTif+

File size 19.7 KB ( 20219 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.18, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
64bits elf

VirusTotal metadata
First submission 2015-07-13 21:15:13 UTC ( 3 years, 10 months ago )
Last submission 2015-07-27 20:07:12 UTC ( 3 years, 9 months ago )
File names bash64
bash.x64.Linux.KillFile.mmd
BBBA83F2D69166005F35807E93261B58
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!