Sample:

17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618



Summary

OS ABI: UNIX - System V

CPU class: 64 bit

Persistence (user): No

Persistence (root): No

CPU byte order: 2's complement LSB

File type: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /libexec/ld.elf_so, for NetBSD 8.0, not stripped

CPU type: AMD x86-64

Entropy: 3.78677142571

Syscalls executed (root): 5

Syscalls executed (user): 5

ELF type: Shared object file

ELF

Class: 64 bit

Data encoding: 2's complement LSB

Operating system ABI: UNIX - System V

Object file type: Shared object file

ELF version: 0.1

Machine: AMD x86-64

Entrypoint: 0x8c0

Interpreter: '/libexec/ld.elf_so'

Number of segments: 8

Number of sections: 33

Program header table offset: 64

Section header table offset: 7440

Program header table - size of entry: 56

Section header table - size of entry: 64

Program header table - entries: 8

Section header table - entries: 33

Section header table - index sections names: 30

Stripped: False

Sections stripped: False

  • libc.so.12
  • _exit
  • __setlocale50
  • fflush
  • setprogname
  • __syscall
  • printf
  • __cxa_finalize
  • exit
  • __swbuf
  • atexit
  • _libc_init

Section: .plt.got

  • .note.netbsd.pax
  • .ident
  • section without a name
  • .SUNW_ctf
  • .note.netbsd.ident
  • .copyright
  • .gnu_debuglink
  • .SUNW_ctf - 7.501822

Debug information: False

  • GCC: (NetBSD nb2 20180327) 5.5.0
  • PaX :

GDB errors: warning: A handler for the OS ABI "NetBSD ELF" is not built into this configuration of GDB. Attempting to continue with the default i386:x86-64 settings.

Hash

MD5: aaa3724bfe2cc6dca3f74cca9f1173b3

SHA1: 56fd10f7a98c7628872492db7b82c0c00ebff196

SHA256: 17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618

SHA512: 4e4cdfaf9c07953fa463423a70eb70201a0381ea85afaf3ee83f75d15a880df571620a31ebb9d150d213d2ee764b5f8e03664d322703c1fbb2f8eec35b7df3b5

ssdeep: 96:RdQ9sAhkbFgF+Vzaw/MNxm2lrXGmbKaVjWZFsd1Hdgun2idXkn31NsSZ:RS9sAhk6OQlWUVjYFsd19gun2iS

Bytes

Entropy: 3.78677142571

Min entropy (16KB blocks): -1.0

Max entropy (16KB blocks): -1.0

Unique bytes (0-255): 253

Null bytes: 5684

White spaces: 275

Printable bytes: 1950

First 16B: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00

Last 16B: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Byte: 0x0

Offset: 0xd42

Length: 231

  • 0x5a - 0 times
  • 0x9c - 0 times
  • 0xa3 - 0 times
  • 0x0 - 5684 times
  • 0x20 - 199 times
  • 0xff - 144 times

File type

Mime type: application/x-sharedlib

File type: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /libexec/ld.elf_so, for NetBSD 8.0, not stripped

VirusTotal

Error: Resource not found

Code Explore

Number of functions: 10

Total size functions [B]: 857

Average size a function [B]: 85.7

Percentage of covered .text section: 106.459627329

Percentage of covered LOAD segment: 21.118777723

Number of functions: 3

Total size functions [B]: 771

Average size a function [B]: 257.0

Percentage of covered .text section: 95.7763975155

Percentage of covered LOAD segment: 18.9995071464

Sandbox (user)

Standard output:

Standard error: sh: 1: /tmp/17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618: not found

Sandbox (root)

Standard output:

Standard error: sh: 1: /tmp/17ebd33e39aeda51701f48f925340b09596602bbe6bc02a7ec94183797095618: not found

Behavior

Wrong interpreter: True

  • write
  • exit_group
  • execve

Unique number: 3

Total number: 5

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

Max sleep: -1.0

Wrong interpreter: True

  • write
  • exit_group
  • execve

Unique number: 3

Total number: 5

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

Max sleep: -1.0