Sample : 1a01c97ccb51611d3d83af21e1c38a926d9422655f0c2324c49c3953289f8aa7

Summary


OS ABI

UNIX - System V
CPU class

32 bit
Persistence (user)

No
Persistence (root)

No
CPU byte order

2's complement MSB
CPU type

MIPS I
Entropy

4.51821101302
Syscalls executed (root)

1
Syscalls executed (user)

1
ELF type

Executable file

ELF


Class

32 bit
Data encoding

2's complement MSB
Operating system ABI

UNIX - System V
Object file type

Executable file
ELF version

0.1
Machine

MIPS I
Link

dynamic
Entrypoint

0x401520
Interpreter

'/lib/ld-uClibc.so.0'
Number of segments

7
Number of sections

0
Program header table offset

52
Section header table offset

63548
Program header table - size of entry

32
Section header table - size of entry

40
Program header table - entries

7
Section header table - entries

28
Section header table - index sections names

25
Stripped

True
Sections stripped

True
Needed libraries

libc.so.0

Malformed

OrderedDict([(u'Beyond LOAD segment', True)])
Anomalies


Segments
W^X permission : PT_DYNAMIC at offset 0x140
PT_GNU_STACK at offset 0x0
Memory size doubles physical size : PT_LOAD at offset 0xec24


Sections
Wrong number of section headers : i
n
v
a
l
i
d
Section header table offset beyond file : True


Debug information

False
Pyelftools errors

expected 4, found 0
GDB errors

"/tmp/tmp.NfHLnQPKcj/1a01c97ccb51611d3d83af21e1c38a926d9422655f0c2324c49c3953289f8aa7": not in executable format: File truncated
Readelf errors

readelf: Error: Reading 0x460 bytes extends past end of file for section headers readelf: Error: Section headers are not available!

Hash


MD5

e1febbc5872b918956201544d0542e31
SHA1

a773129c1eb7254260a11169df878bf636f6055b
SHA256

1a01c97ccb51611d3d83af21e1c38a926d9422655f0c2324c49c3953289f8aa7
SHA512

dfea9414d026454e937ee3b3e114bcc5c6cbc047efe7d944537ef86e6ec5977b60121ec4abbca2bbb044cd498e3e9dbe0d0792a508415dbb67becdbbb14aa62f
ssdeep

1536:VK6CsDbRd7Qz1ySBpf4nDeL7B+KIkkS4tRO+aP:VTGNbYO

Bytes


Entropy

4.51821101302
Min entropy (16KB blocks)

4.35241506388
Max entropy (16KB blocks)

4.62379096637
Unique bytes (0-255)

248
Null bytes

21249
White spaces

2393
Printable bytes

9209
First 16B

7f 45 4c 46 01 02 01 00 00 00 00 00 00 00 00 00
Last 16B

8f 82 80 1c 00 00 00 00 24 45 eb 5c 8f 99 80 d8
Longest same bytes sequence

Byte : 0x0

Offset : 0x5fa

Length : 85

Three rarest bytes

0xd7 - 0 times

0xde - 0 times

0xf5 - 0 times

Three most common bytes

0x0 - 21249 times

0x8f - 2797 times

0x20 - 1568 times

VirusTotal


Error

Resource not found

Data Explore


Paths

/lib/ld-uClibc.so.0

Code Explore


Nucleus

Eh_frame

Sandbox (user)


Standard output

Standard error

Segmentation fault

Sandbox (root)


Standard output

Standard error

Segmentation fault

Behavior


User behavior

Errors


Segmentation fault
True

Execution fault
True

Syscalls


Unique
execve


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Empty trace

True

Max sleep

-1.0



Root behavior

Errors


Segmentation fault
True

Execution fault
True

Syscalls


Unique
execve


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Empty trace

True

Max sleep

-1.0