SHA256: e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f
File name: testfile
Detection ratio: 8 / 47
Analysis date: 2014-08-25 23:57:18 UTC ( 4 years, 7 months ago )
Antivirus Result Update
AhnLab-V3 Linux/Backdoor.1135000 20140825
Avast ELF:Elknot-AO [Cryp] 20140825
CAT-QuickHeal Linux.Ganiw.a50a 20140825
ESET-NOD32 Linux/Agent.I.Gen 20140825
Ikarus Trojan.Linux.Agent 20140825
Jiangmin Backdoor/Linux.kg 20140825
Sophos AV Linux/DDoS-BD 20140825
Zillya Downloader.OpenConnection.JS.100251 20140825
Ad-Aware 20140825
AegisLab 20140825
Yandex 20140825
AntiVir 20140825
Antiy-AVL 20140825
AVG 20140825
AVware 20140825
Baidu-International 20140825
BitDefender 20140825
Bkav 20140821
ByteHero 20131127
ClamAV 20140826
CMC 20140825
Commtouch 20140825
Comodo 20140825
DrWeb 20140825
Emsisoft 20140825
F-Prot 20140825
F-Secure 20140825
Fortinet 20140825
GData 20140826
K7AntiVirus 20140825
K7GW 20140825
Kaspersky 20140826
Kingsoft 20140826
Malwarebytes 20140825
McAfee 20140826
McAfee-GW-Edition 20140825
Microsoft 20140825
eScan 20140825
NANO-Antivirus 20140825
Norman 20140825
nProtect 20140825
Panda 20140825
Qihoo-360 20140826
Rising 20140825
SUPERAntiSpyware 20140825
Symantec 20140826
Tencent 20140826
TheHacker 20140822
TotalDefense 20140825
TrendMicro 20140825
TrendMicro-HouseCall 20140826
VBA32 20140825
VIPRE 20140825
ViRobot 20140825
Zoner 20140822
The file being studied is an ELF. More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 e97790c1200e6d5c8f4eed64f1736a5d
SHA1 8df8579b3303221b0aa9955f0e11ab6d24525a1a
SHA256 e27571a89dfbb256bdf2aa7ff0a062bd10bd712c46d7ddc045a8ac85c4903c2f
ssdeep 24576:4vRE7caCfKGPqVEDNLFxKsfazI+gIGYuuCol7r:4vREKfPqVE5jKsfazRHGVo7r

File size 1.1 MB ( 1135000 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf

VirusTotal metadata
First submission 2014-08-25 23:57:18 UTC ( 4 years, 7 months ago )
Last submission 2017-03-22 01:05:39 UTC ( 2 years ago )
File names Explorer-aovtu-getamen-Interne
ZFYR3yNyUE.dotm
YpIFqIrL.reg
ymso
VirusShare_e97790c1200e6d5c8f4eed64f1736a5d
vti-rescan
Ppy6SZE5M4.mht
getamen
testfile