SHA256: 694fc1f7f17d5f3c447fcdb83fa6177b736b241430e70309a4b3111ef1d0e3b9
File name: EtOcOozzd
Detection ratio: 26 / 52
Analysis date: 2017-02-10 21:27:06 UTC ( 9 months, 1 week ago )
Antivirus Result Update
Ad-Aware Backdoor.Linux.Mumblehard.C 20170210
AegisLab Linux.Troj.Agent!c 20170210
AhnLab-V3 Linux/Backdoor.7818 20170210
ALYac Backdoor.Linux.Mumblehard.C 20170210
Arcabit Backdoor.Linux.Mumblehard.C 20170210
Avast ELF:DropPerl-M [Trj] 20170210
AVG Linux/Generic_c.ASR 20170210
BitDefender Backdoor.Linux.Mumblehard.C 20170210
ClamAV Unix.Malware.Agent-1401041 20170210
Cyren ELF/Trojan.AFDS-6 20170210
DrWeb Linux.Mumblehard.2 20170210
Emsisoft Backdoor.Linux.Mumblehard.C (B) 20170210
ESET-NOD32 Linux/Mumblehard.U 20170210
F-Secure Backdoor.Linux.Mumblehard.C 20170210
GData Backdoor.Linux.Mumblehard.C 20170210
Ikarus Backdoor.Linux.Mumblehard 20170210
Jiangmin TrojanDropper.Linux.ah 20170210
Kaspersky Trojan-Dropper.Linux.Agent.c 20170210
Microsoft Backdoor:Linux/Mumblehard.gen!A 20170210
eScan Backdoor.Linux.Mumblehard.C 20170210
NANO-Antivirus Trojan.Unix.Agent.eksrap 20170210
Qihoo-360 Win32/Trojan.Dropper.bcd 20170210
Sophos AV Troj/Leprox-A 20170210
Symantec Linux.Mumblehard 20170210
TrendMicro ELF_MUMBLE.TNI 20170210
Zillya Trojan.Mumblehard.Linux.7 20170210
Alibaba 20170122
Antiy-AVL 20170210
Avira (no cloud) 20170210
AVware 20170210
Baidu 20170210
Bkav 20170210
CAT-QuickHeal 20170210
CMC 20170210
Comodo 20170210
CrowdStrike Falcon (ML) 20170130
Endgame 20170208
F-Prot 20170210
Fortinet 20170210
Sophos ML 20170203
K7AntiVirus 20170210
K7GW 20170210
Kingsoft 20170210
Malwarebytes 20170210
McAfee 20170210
McAfee-GW-Edition 20170210
nProtect 20170210
Panda 20170210
Rising 20170210
Tencent 20170210
TheHacker 20170209
Trustlook 20170210
VBA32 20170210
VIPRE 20170210
ViRobot 20170210
WhiteArmor 20170202
Yandex 20170210
Zoner 20170210
The file being studied is an ELF! More specifically, it is an EXEC (Executable file) ELF for Unix systems running on Intel 80386 machines.
ELF Header
Class ELF32
Data 2's complement, little endian
Header version 1 (current)
OS ABI UNIX - System V
ABI version 0
Object file type EXEC (Executable file)
Required architecture Intel 80386
Object file version 0x1
Program headers 2
Section headers 7
ELF sections
ELF Segments
.text
.data
.bss
Exported symbols
ExifTool file metadata
MIMEType
application/octet-stream

CPUByteOrder
Little endian

CPUArchitecture
32 bit

FileType
ELF executable

ObjectFileType
Executable file

CPUType
i386

File identification
MD5 dac9b77953422c334cbcbef0422956ee
SHA1 cd307c6cc51ec66628766bc91d2e9384768b7288
SHA256 694fc1f7f17d5f3c447fcdb83fa6177b736b241430e70309a4b3111ef1d0e3b9
ssdeep
192:fMLWdutO4D409tGOMV58ZUiS74CtdNwtn9KHn:fMKaBD4YW59iHCM9KHn

File size 7.6 KB ( 7818 bytes )
File type ELF
Magic literal
ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), statically linked, not stripped

TrID ELF Executable and Linkable format (Linux) (50.1%)
ELF Executable and Linkable format (generic) (49.8%)
Tags
elf

VirusTotal metadata
First submission 2016-04-16 20:48:49 UTC ( 1 year, 7 months ago )
Last submission 2017-11-12 09:10:28 UTC ( 1 week, 2 days ago )
File names badfile.(null)