SHA256: f8bd024e0f278f011dc20863fd1aac7722141f141097cb02b893e1200563e7f6
File name: 1.svchost
Detection ratio: 34 / 57
Analysis date: 2017-05-18 01:12:16 UTC (2 months, 1 week ago)
Antivirus Result Update
Ad-Aware Backdoor.Linux.Ganiw.H 20170518
AegisLab Backdoor.Linux.Ganiw!c 20170517
AhnLab-V3 Linux/Backdoor.1135000 20170517
ALYac Backdoor.Linux.Ganiw.H 20170518
Antiy-AVL Trojan[Backdoor]/Linux.Ganiw.a 20170518
Arcabit Backdoor.Linux.Ganiw.H 20170518
Avast ELF:Elknot-AE [Trj] 20170518
AVG Linux/BackDoor_c.CK 20170517
Avira (no cloud) LINUX/Setag.bffyn 20170517
BitDefender Backdoor.Linux.Ganiw.H 20170517
CAT-QuickHeal Backdoor.Linux.Setag.E 20170517
ClamAV Legacy.Trojan.Agent-1388639 20170517
Cyren ELF/Backdoor.ZNIG- 20170518
DrWeb Linux.BackDoor.Gates.9 20170518
Emsisoft Backdoor.Linux.Ganiw.H (B) 20170518
ESET-NOD32 Linux/Setag.B.Gen 20170517
F-Secure Backdoor.Linux.Ganiw.H 20170517
Fortinet ELF/Agent.IGE!tr 20170518
GData Linux.Trojan.Siggen.D 20170517
Ikarus Trojan.Linux.BillGates 20170517
Jiangmin Backdoor/Linux.ii 20170518
Kaspersky HEUR:Backdoor.Linux.Ganiw.d 20170517
McAfee Linux/Agent.A 20170517
McAfee-GW-Edition Linux/Agent.A 20170517
Microsoft Backdoor:Linux/Setag!rfn 20170517
eScan Backdoor.Linux.Ganiw.H 20170518
NANO-Antivirus Trojan.Unix.Ganiw.dirahp 20170517
Qihoo-360 Win32/Backdoor.eeb 20170518
Sophos AV Linux/DDoS-BD 20170517
Symantec Linux.Chikdos.B!gen2 20170517
TrendMicro ELF_SETAG.SM 20170517
TrendMicro-HouseCall ELF_SETAG.SM 20170517
Zillya Downloader.OpenConnection.JS.100251 20170517
ZoneAlarm by Check Point HEUR:Backdoor.Linux.Ganiw.d 20170518
Alibaba 20170517
AVware 20170518
Baidu 20170503
Bkav 20170517
CMC 20170517
Comodo 20170518
CrowdStrike Falcon (ML) 20170130
Endgame 20170515
F-Prot 20170518
Sophos ML 20170516
K7AntiVirus 20170517
K7GW 20170517
Kingsoft 20170518
Malwarebytes 20170517
nProtect 20170518
Palo Alto Networks (Known Signatures) 20170518
Panda 20170517
Rising 20170513
SentinelOne (Static ML) 20170516
SUPERAntiSpyware 20170518
Symantec Mobile Insight 20170517
Tencent 20170518
TheHacker 20170516
TotalDefense 20170517
Trustlook 20170518
VBA32 20170517
VIPRE 20170517
ViRobot 20170517
Webroot 20170518
WhiteArmor 20170517
Yandex 20170517
Zoner 20170518
The file being studied is an ELF. More specifically, it is an EXEC (executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 5
Section headers 28
ELF sections
ELF Segments
.note.ABI-tag
.init
.text
__libc_thread_freeres_fn
__libc_freeres_fn
.fini
.rodata
__libc_atexit
__libc_subfreeres
__libc_thread_subfreeres
.eh_frame
.gcc_except_table
.ctors
.dtors
.jcr
.data.rel.ro
.got
.got.plt
.data
.bss
__libc_freeres_ptrs
.note.ABI-tag
Segment without sections
Segment without sections
ExifTool file metadata
MIMEType application/octet-stream
CPUByteOrder Little endian
CPUArchitecture 32 bit
FileType ELF executable
ObjectFileType Executable file
CPUType i386
File identification
MD5 821aceafa328be634b572c53923c775c
SHA1 f6bd3b3d44f424bb55eb36c92bed5428d3c6193b
SHA256 f8bd024e0f278f011dc20863fd1aac7722141f141097cb02b893e1200563e7f6
ssdeep 24576:4vRE7caCfKGPqVEDNLFxKsfalI+gIGYuuCol7r:4vREKfPqVE5jKsfalRHGVo7r
File size 1.1 MB ( 1135000 bytes )
File type ELF
Magic literal ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, for GNU/Linux 2.2.5, not stripped
TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags elf
VirusTotal metadata
First submission 2017-03-28 13:31:38 UTC (3 months, 4 weeks ago)
Last submission 2017-04-07 17:45:01 UTC (3 months, 2 weeks ago)
File names 1.svchost
200.exe