SHA256: fcdb32cb8c21fd9f45249aa6b6f7895744f55b0668ff8f14229f882cc0b8cb84
File name: 4806cf1a0e83a30f97ac862853a170d874b09978_sshv-service
Detection ratio: 30 / 55
Analysis date: 2016-11-17 06:39:06 UTC ( 5 months, 1 week ago )
Antivirus Result Update
Ad-Aware Trojan.Linux.Sshscan.A 20161117
AegisLab Troj.Linux.Bruret!c 20161117
AhnLab-V3 Linux/Sshscan.1135679 20161116
ALYac Trojan.Linux.Sshscan.A 20161117
Arcabit Trojan.Linux.Sshscan.A 20161117
Avast ELF:Sshv-A [Trj] 20161117
AVG Linux/Generic_c.ANN 20161117
Avira (no cloud) LINUX/Sshvbot.B 20161116
BitDefender Trojan.Linux.Sshscan.A 20161117
CAT-QuickHeal Linux.Sshscan.CE821 20161117
DrWeb Linux.Sshcrack.2 20161117
Emsisoft Trojan.Linux.Sshscan.A (B) 20161117
ESET-NOD32 Linux/Sshscan.B 20161117
F-Secure Trojan.Linux.Sshscan.A 20161117
GData Trojan.Linux.Sshscan.A 20161117
Ikarus Trojan.Linux.Sshscan 20161116
Jiangmin Trojan.Linux.au 20161116
K7AntiVirus Trojan ( 0001140e1 ) 20161116
K7GW Trojan ( 0001140e1 ) 20161117
Kaspersky HEUR:Trojan.Linux.Bruret.a 20161117
Microsoft Trojan:Linux/Sshscan.A 20161117
eScan Trojan.Linux.Sshscan.A 20161117
NANO-Antivirus Trojan.Unix.Bruret.ebdnzj 20161117
Qihoo-360 Win32/Trojan.b0f 20161117
Rising Trojan.JerryScan/Linux!1.A410 (classic) 20161117
Sophos Troj/SSHScan-B 20161117
Symantec Linux.Sshscan 20161117
Tencent Linux.Trojan.Bruret.Wwnw 20161117
ViRobot Linux.S.SSHV.1135679[h] 20161117
Zillya Downloader.OpenConnection.JS.155835 20161116
Alibaba 20161117
Antiy-AVL 20161117
AVware 20161117
Baidu 20161117
Bkav 20161116
ClamAV 20161117
CMC 20161117
Comodo 20161117
CrowdStrike Falcon (ML) 20161024
Cyren 20161117
F-Prot 20161117
Fortinet 20161117
Invincea 20161018
Kingsoft 20161117
Malwarebytes 20161117
McAfee 20161117
McAfee-GW-Edition 20161116
nProtect 20161117
Panda 20161115
SUPERAntiSpyware 20161117
TheHacker 20161115
TotalDefense 20161116
TrendMicro 20161117
TrendMicro-HouseCall 20161117
VBA32 20161115
VIPRE 20161117
Yandex 20161116
Zoner 20161117
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 9
Section headers 32
ELF sections
ELF Segments
Segment without sections
.interp
.interp
.note.ABI-tag
.note.gnu.build-id
.hash
.gnu.hash
.dynsym
.dynstr
.gnu.version
.gnu.version_r
.rel.dyn
.rel.plt
.init
.plt
.text
.fini
.rodata
.eh_frame_hdr
.eh_frame
.ctors
.dtors
.jcr
.data.rel.ro
.dynamic
.got
.got.plt
.data
.bss
.dynamic
.note.ABI-tag
.note.gnu.build-id
.eh_frame_hdr
Segment without sections
.ctors
.dtors
.jcr
.data.rel.ro
.dynamic
.got
Shared libraries
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

Compressed bundles
File identification
MD5 dfc09aa4b5c7b49d804d2ce046defb60
SHA1 4806cf1a0e83a30f97ac862853a170d874b09978
SHA256 fcdb32cb8c21fd9f45249aa6b6f7895744f55b0668ff8f14229f882cc0b8cb84
ssdeep
24576:jg1enXVsbMQ1+Gn3tFqPAaKqxFFRdbbnqxhwTSexkZxC:s1enXVszMGn3tFwTxvbbqoTSexknC

File size 1.1 MB ( 1135679 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked (uses shared libs), for GNU/Linux 2.6.15, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2015-12-22 16:29:48 UTC ( 1 year, 4 months ago )
Last submission 2016-01-15 15:45:48 UTC ( 1 year, 3 months ago )
File names 4806cf1a0e83a30f97ac862853a170d874b09978_sshv-service
sshv-service