SHA256: c1014f0ff0efc018e28300c2296459948489bd5d22633a0af1ca6ffb0c2336fe
File name: Explorer-aovtu-getamen-Interns
Detection ratio: 10 / 55
Analysis date: 2014-09-07 02:11:19 UTC ( 4 years, 6 months ago )
Antivirus Result Update
AhnLab-V3 Linux/Backdoor.1135000 20140906
Avast ELF:Elknot-AO [Cryp] 20140907
CAT-QuickHeal Linux.Ganiw.a50a 20140904
DrWeb Linux.BackDoor.Gates.6 20140907
ESET-NOD32 Linux/Agent.I.Gen 20140906
Ikarus Trojan.Linux.Agent 20140906
Jiangmin Backdoor/Linux.kg 20140906
Sophos AV Linux/DDoS-BD 20140907
Symantec Trojan.Chikdos.B!gen2 20140907
Zillya Downloader.OpenConnection.JS.100251 20140906
Ad-Aware 20140907
AegisLab 20140907
Yandex 20140906
Antiy-AVL 20140906
AVG 20140906
Avira (no cloud) 20140906
AVware 20140907
Baidu-International 20140906
BitDefender 20140907
Bkav 20140906
ByteHero 20140907
ClamAV 20140906
CMC 20140904
Comodo 20140907
Cyren 20140907
Emsisoft 20140907
F-Prot 20140907
F-Secure 20140906
Fortinet 20140907
GData 20140907
K7AntiVirus 20140905
K7GW 20140905
Kaspersky 20140906
Kingsoft 20140907
Malwarebytes 20140907
McAfee 20140907
McAfee-GW-Edition 20140906
Microsoft 20140907
eScan 20140907
NANO-Antivirus 20140907
Norman 20140906
nProtect 20140905
Panda 20140906
Qihoo-360 20140907
Rising 20140906
SUPERAntiSpyware 20140906
Tencent 20140907
TheHacker 20140905
TotalDefense 20140906
TrendMicro 20140907
TrendMicro-HouseCall 20140907
VBA32 20140905
VIPRE 20140907
ViRobot 20140906
Zoner 20140905
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class: ELF32
Data: 2's complement, little endian
Header version: 1 (current)
OS ABI: UNIX - System V
ABI version: 0
Object file type: EXEC (Executable file)
Required architecture: Intel 80386
Object file version: 0x1
Program headers: 5
Section headers: 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType: application/octet-stream
CPUByteOrder: Little endian
CPUArchitecture: 32 bit
FileType: ELF executable
FileAccessDate: 2014:11:19 05:25:23+01:00
ObjectFileType: Executable file
CPUType: i386
FileCreateDate: 2014:11:19 05:25:23+01:00

File identification
MD5: 8edc49c7775ea6b5468ec60961ed3cc2
SHA1: 9116ca00bcc024f89930b46334459fea72d03087
SHA256: c1014f0ff0efc018e28300c2296459948489bd5d22633a0af1ca6ffb0c2336fe
ssdeep: 24576:4vRE7caCfKGPqVEDNLFxKsfawI+gIGYuuCol7r:4vREKfPqVE5jKsfawRHGVo7r
File size: 1.1 MB ( 1135000 bytes )
File type: ELF
Magic literal: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
TrID: ELF Executable and Linkable format (Linux) (50.1%)
      ELF Executable and Linkable format (generic) (49.8%)
Tags: elf

VirusTotal metadata
First submission: 2014-09-07 02:11:19 UTC ( 4 years, 6 months ago )
Last submission: 2014-11-19 04:25:17 UTC ( 4 years, 4 months ago )
File names: vti-rescan
            Explorers
            Explorer-aovtu-getamen-Interns