Sample : 17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618

Summary


OS ABI

UNIX - System V
CPU class

64 bit
Persistence (user)

No
Persistence (root)

No
CPU byte order

2's complement LSB
File type

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /libexec/ld.elf_so, for NetBSD 8.0, not stripped
CPU type

AMD x86-64
Entropy

3.78677142571
Syscalls executed (root)

5
Syscalls executed (user)

5
ELF type

Shared object file

ELF


Class

64 bit
Data encoding

2's complement LSB
Operating system ABI

UNIX - System V
Object file type

Shared object file
ELF version

0.1
Machine

AMD x86-64
Link

dynamic
Entrypoint

0x8c0
Interpreter

'/libexec/ld.elf_so'
Number of segments

8
Number of sections

33
Program header table offset

64
Section header table offset

7440
Program header table - size of entry

56
Section header table - size of entry

64
Program header table - entries

8
Section header table - entries

33
Section header table - index sections names

30
Stripped

False
Sections stripped

False
Needed libraries

libc.so.12

Dynamic symbols

_exit

__setlocale50

fflush

setprogname

__syscall

printf

__cxa_finalize

exit

__swbuf

atexit

_libc_init

Anomalies


Entrypoint
Section : .
p
l
t
.
g
o
t


Sections
Uncommon sections : .note.netbsd.pax
.ident
section without a name
.SUNW_ctf
.note.netbsd.ident
.copyright
.gnu_debuglink
High entropy : .SUNW_ctf - 7.501822


Debug information

False
Comment

GCC: (NetBSD nb2 20180327) 5.5.0

Note

PaX :

GDB errors

warning: A handler for the OS ABI "NetBSD ELF" is not built into this configuration of GDB. Attempting to continue with the default i386:x86-64 settings.

Hash


MD5

aaa3724bfe2cc6dca3f74cca9f1173b3
SHA1

56fd10f7a98c7628872492db7b82c0c00ebff196
SHA256

17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618
SHA512

4e4cdfaf9c07953fa463423a70eb70201a0381ea85afaf3ee83f75d15a880df571620a31ebb9d150d213d2ee764b5f8e03664d322703c1fbb2f8eec35b7df3b5
ssdeep

96:RdQ9sAhkbFgF+Vzaw/MNxm2lrXGmbKaVjWZFsd1Hdgun2idXkn31NsSZ:RS9sAhk6OQlWUVjYFsd19gun2iS

Bytes


Entropy

3.78677142571
Min entropy (16KB blocks)

-1.0
Max entropy (16KB blocks)

-1.0
Unique bytes (0-255)

253
Null bytes

5684
White spaces

275
Printable bytes

1950
First 16B

7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00
Last 16B

01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
Longest same bytes sequence

Byte : 0x0

Offset : 0xd42

Length : 231

Three rarest bytes

0x5a - 0 times

0x9c - 0 times

0xa3 - 0 times

Three most common bytes

0x0 - 5684 times

0x20 - 199 times

0xff - 144 times

File type


Mime type

application/x-sharedlib
File type

ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /libexec/ld.elf_so, for NetBSD 8.0, not stripped

VirusTotal


Error

Resource not found

Code Explore


Nucleus

Number of functions : 10

Total size functions [B] : 857

Average size a function [B] : 85.7

Percentage of covered .text section : 106.459627329

Percentage of covered LOAD segment : 21.118777723

Eh_frame

Number of functions : 3

Total size functions [B] : 771

Average size a function [B] : 257.0

Percentage of covered .text section : 95.7763975155

Percentage of covered LOAD segment : 18.9995071464

Sandbox (user)


Standard output

Standard error

sh: 1: /tmp/17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618: not found

Sandbox (root)


Standard output

Standard error

sh: 1: /tmp/17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618: not found

Behavior


User behavior

Errors


Wrong interpreter
True

Syscalls


Unique
write
exit_group
execve


Unique number
3

Total number
5

Instrumented libc calls


Unique
strchr


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Max sleep

-1.0



Root behavior

Errors


Wrong interpreter
True

Syscalls


Unique
write
exit_group
execve


Unique number
3

Total number
5

Instrumented libc calls


Unique
strchr


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Max sleep

-1.0