SHA256: aadb2c3df170432943581c4c79665e614cc4802526c3184aca2da1aac62d72d1
File name: VirusShare_5d10bcb15bedb4b94092c4c2e4d245b6
Detection ratio: 39 / 58
Analysis date: 2017-12-06 18:35:31 UTC ( 4 days, 6 hours ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Rootkit.SU 20171206
AegisLab Backdoor.Linux.Mayday.f!c 20171206
AhnLab-V3 Linux/Ddosagent.1524643 20171206
ALYac Backdoor.Linux.Mayday 20171206
Antiy-AVL Trojan[Backdoor]/Linux.Mayday.f 20171206
Arcabit Trojan.Linux.Rootkit.SU 20171206
Avast ELF:Elknot-AE [Trj] 20171206
AVG ELF:Elknot-AE [Trj] 20171206
BitDefender Trojan.Linux.Rootkit.SU 20171206
CAT-QuickHeal Trojan.Linux.Elknot.C 20171206
ClamAV Unix.Trojan.Elknot-1 20171206
Comodo UnclassifiedMalware 20171206
Cyren ELF/Trojan.BXCX-3 20171206
DrWeb Linux.DDoS.11 20171206
Emsisoft Trojan.Linux.Rootkit.SU (B) 20171206
ESET-NOD32 Linux/Elknot.B 20171206
F-Secure Trojan.Linux.Rootkit.SU 20171206
Fortinet ELF/DDOS.BA!tr.bdr 20171206
GData Trojan.Linux.Rootkit.SU 20171206
Ikarus ELF.Agent 20171206
Jiangmin Backdoor/Linux.hw 20171206
K7AntiVirus Trojan ( 0001140e1 ) 20171205
K7GW Trojan ( 0001140e1 ) 20171206
Kaspersky Backdoor.Linux.Mayday.f 20171206
MAX malware (ai score=100) 20171206
McAfee Linux/BackDoor 20171206
McAfee-GW-Edition Linux/BackDoor 20171206
Microsoft DoS:Linux/Elknot!rfn 20171206
eScan Trojan.Linux.Rootkit.SU 20171206
NANO-Antivirus Trojan.Unix.DDoS.dnckxa 20171206
Qihoo-360 Win32/Trojan.Flooder.092 20171206
Sophos AV Linux/DDoS-AZ 20171206
Symantec Linux.Chikdos.B 20171206
Tencent Trojan.Linux.Mayday.a 20171206
TrendMicro-HouseCall ELF_ELKNOT.TNI 20171206
VBA32 Trojan.Linux.DDoSer 20171206
ViRobot Trojan.Linux.S.Agent.1524643 20171206
Zillya Downloader.OpenConnection.JS.93127 20171206
ZoneAlarm by Check Point Backdoor.Linux.Mayday.f 20171206
Alibaba 20171206
Avast-Mobile 20171206
Avira (no cloud) 20171206
AVware 20171206
Baidu 20171206
Bkav 20171206
CMC 20171206
CrowdStrike Falcon (ML) 20171016
Cybereason 20171103
Cylance 20171206
eGambit 20171206
Endgame 20171130
F-Prot 20171206
Sophos ML 20170914
Kingsoft 20171206
Malwarebytes 20171206
nProtect 20171206
Palo Alto Networks (Known Signatures) 20171206
Panda 20171206
Rising 20171206
SentinelOne (Static ML) 20171113
SUPERAntiSpyware 20171206
Symantec Mobile Insight 20171206
TheHacker 20171205
Trustlook 20171206
VIPRE 20171206
Webroot 20171206
WhiteArmor 20171204
Yandex 20171205
Zoner 20171206
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
ELF Segments
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 5d10bcb15bedb4b94092c4c2e4d245b6
SHA1 6eba031ec658aeb82aed5b94c4ba829da38553f4
SHA256 aadb2c3df170432943581c4c79665e614cc4802526c3184aca2da1aac62d72d1
ssdeep 24576:hNJp/2SkgT4KUAopmhDO2Aan9XgnU6tZAf4Nzbm6g+qF2SdYOrhGQ+bL+cH8y6LL:hNvOx/Vp/2bn9XgnNtmf28rhfbccIwhL
File size 1.5 MB ( 1524643 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf
VirusTotal metadata
First submission 2013-12-09 16:59:48 UTC ( 4 years ago )
Last submission 2017-12-06 18:35:31 UTC ( 4 days, 6 hours ago )
File names aadb2c3df170432943581c4c79665e614cc4802526c3184aca2da1aac62d72d1
atddd.1
codex-gigas_0c1cac2a019aa1cc2dcc0d3b17fc4477
aa
mDEOKG.xlt
6eba031ec658aeb82aed5b94c4ba829da38553f4_atdd
sdmfdsfhjfe
VirusShare_5d10bcb15bedb4b94092c4c2e4d245b6
sdmfdsfhjfe
atdd
download.1398159629
file-7133735_
download.1397326078
atddd
5d10bcb15bedb4b94092c4c2e4d245b6