× Cookies are disabled! This site requires cookies to be enabled to work properly
SHA256: daaa7d7be4c1b7878d44bfc774b50591e25e1c6ad43e4c68d9bccc0b468f1020
File name: DDosStarter
Detection ratio: 0 / 57
Analysis date: 2015-01-17 10:42:38 UTC ( 3 years, 9 months ago ) View latest
Antivirus Result Update
Ad-Aware 20150117
AegisLab 20150117
Yandex 20150116
AhnLab-V3 20150116
Alibaba 20150116
ALYac 20150117
Antiy-AVL 20150117
Avast 20150117
AVG 20150117
Avira (no cloud) 20150117
AVware 20150117
Baidu-International 20150117
BitDefender 20150117
Bkav 20150117
ByteHero 20150117
CAT-QuickHeal 20150117
ClamAV 20150117
CMC 20150116
Comodo 20150117
Cyren 20150117
DrWeb 20150117
Emsisoft 20150117
ESET-NOD32 20150117
F-Prot 20150117
F-Secure 20150117
Fortinet 20150117
GData 20150117
Ikarus 20150117
Jiangmin 20150116
K7AntiVirus 20150117
K7GW 20150116
Kaspersky 20150117
Kingsoft 20150117
Malwarebytes 20150117
McAfee 20150117
McAfee-GW-Edition 20150117
Microsoft 20150117
eScan 20150117
NANO-Antivirus 20150117
Norman 20150117
nProtect 20150116
Panda 20150116
Qihoo-360 20150117
Rising 20150116
Sophos AV 20150117
SUPERAntiSpyware 20150117
Symantec 20150117
Tencent 20150117
TheHacker 20150116
TotalDefense 20150116
TrendMicro 20150117
TrendMicro-HouseCall 20150117
VBA32 20150116
VIPRE 20150117
ViRobot 20150117
Zillya 20150116
Zoner 20150116
The file being studied is an ELF! More specifically, it is a EXEC (Executable file) ELF for Unix systems running on Advanced Micro Devices X86-64 machines.
ELF Header
Class ELF64
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Advanced Micro Devices X86-64
Object file version 0x1
Program headers 8
Section headers 29
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rela.dyn
.rela.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.ctors
.dtors
.jcr
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.eh_frame_hdr
Segment without sections
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
64 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
AMD x86-64

Compressed bundles
File identification
MD5 de02e614119b5078fb9e5e1d506965a4
SHA1 9ed5ea1aa670f8873e30c404df3545b5d9da5294
SHA256 daaa7d7be4c1b7878d44bfc774b50591e25e1c6ad43e4c68d9bccc0b468f1020
ssdeep
192:G5Dn3NcbYLYHfFNdf3KPqYq7aJqCNIeExnH9o:qNAYLmNd5eJq0IesHy

File size 10.6 KB ( 10860 bytes )
File type ELF
Magic literal
ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.9, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
64bits elf

VirusTotal metadata
First submission 2015-01-17 10:42:38 UTC ( 3 years, 9 months ago )
Last submission 2016-02-02 20:55:33 UTC ( 2 years, 8 months ago )
File names 9ed5ea1aa670f8873e30c404df3545b5d9da5294_DDosStarter
DDosStarter.64
DDosStarter
DE02E614119B5078FB9E5E1D506965A4
No comments. No VirusTotal Community member has commented on this item yet, be the first one to do so!

Leave your comment...

?
Post comment

You have not signed in. Only registered users can leave comments, sign in and have a voice!

No votes. No one has voted on this item yet, be the first one to do so!