SHA256: fd6060b963d1b5ca7a07b5a283ad99105298a6708e44d286440a506738a17e34
File name: a10.zip.ELF.ChinaZDdos
Detection ratio: 25 / 55
Analysis date: 2015-06-23 16:52:58 UTC ( 2 years, 5 months ago )
Antivirus Result Update
Ad-Aware Trojan.Agent.BIXD 20150623
ALYac Trojan.Agent.BIXD 20150623
Arcabit Trojan.Agent.BIXD 20150623
Avast ELF:Xorddos-M [Trj] 20150623
AVG Linux/DDoS.XOR 20150623
BitDefender Trojan.Agent.BIXD 20150623
CAT-QuickHeal Linux.Xarcen.P6ac 20150623
ClamAV Unix.Trojan.DDoS_XOR-1 20150623
DrWeb Linux.DDoS.60 20150623
Emsisoft Trojan.Agent.BIXD (B) 20150623
ESET-NOD32 a variant of Linux/Xorddos.F 20150623
F-Secure Trojan.Agent.BIXD 20150623
Fortinet ELF/DDoS.BH!tr 20150623
GData Trojan.Agent.BIXD 20150623
Ikarus Trojan.DDoS 20150623
Jiangmin TrojanDDoS.Linux.k 20150620
Kaspersky HEUR:Trojan-DDoS.Linux.Xarcen.a 20150623
Microsoft DoS:Linux/Xorddos.A 20150623
eScan Trojan.Agent.BIXD 20150623
NANO-Antivirus Trojan.Unix.Xarcen.dsqiab 20150623
nProtect Trojan.Agent.BIXD 20150623
Rising NORMAL:Trojan.Linux.Xorddos.d!1616198 20150623
Sophos AV Linux/DDoS-BH 20150623
ViRobot Linux.S.Agent.625707.A[h] 20150623
Zillya Downloader.OpenConnection.JS.114052 20150623
AegisLab 20150623
Yandex 20150622
AhnLab-V3 20150623
Alibaba 20150623
Antiy-AVL 20150623
Avira (no cloud) 20150623
AVware 20150623
Baidu-International 20150623
Bkav 20150623
ByteHero 20150623
Comodo 20150623
Cyren 20150623
F-Prot 20150623
K7AntiVirus 20150623
K7GW 20150623
Kingsoft 20150623
Malwarebytes 20150623
McAfee 20150623
McAfee-GW-Edition 20150623
Panda 20150623
Qihoo-360 20150623
SUPERAntiSpyware 20150623
Symantec 20150623
Tencent 20150623
TheHacker 20150622
TrendMicro 20150623
TrendMicro-HouseCall 20150623
VBA32 20150622
VIPRE 20150623
Zoner 20150623
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_freeres_fn
__libc_thread_freeres_fn
.fini
.rodata
__libc_subfreeres
__libc_atexit
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
Imported symbols
Exported symbols
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
Compressed bundles
File identification
MD5 83eea5625ca2affd3e841d3b374e88eb
SHA1 dca946f677a1be95fb3ef6adc950730b4736a405
SHA256 fd6060b963d1b5ca7a07b5a283ad99105298a6708e44d286440a506738a17e34
ssdeep 12288:UB1tATMVAqnf+ExxBHYpmA38X8LYkCW6Tipx6yB1/iGK4UlUuTh1AG:UB1BVpmExDYp38X8LYTWhpfNiGQl/91h
File size 611.0 KB ( 625707 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.6.9, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2015-04-07 07:35:23 UTC ( 2 years, 7 months ago )
Last submission 2017-02-25 01:46:02 UTC ( 9 months ago )
File names a10
VirusShare_83eea5625ca2affd3e841d3b374e88eb
a10.zip.ELF.XorDdos
Vl1IEz1U.scr
K_EvhfO.vbs
a10.zip
a10.zip.ELF.ChinaZDdos