Sample:

4d9e56ecebe661e480b93ae0e9a69b7703b33983eb1b39f86820fda627ba87be



Summary

OS ABI: UNIX - System V

CPU class: 64 bit

Persistence (user): No

Persistence (root): No

CPU byte order: 2's complement LSB

File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=ef59891a64ba2c574aafd10ee26e4c13eb5086eb, not stripped

CPU type: AMD x86-64

Entropy: 3.62049124426

Syscalls executed (root): 58

Syscalls executed (user): 57

ELF type: Executable file

ELF

Class: 64 bit

Data encoding: 2's complement LSB

Operating system ABI: UNIX - System V

Object file type: Executable file

ELF version: 0.1

Machine: AMD x86-64

Entrypoint: 0x400790

Interpreter: '/lib64/ld-linux-x86-64.so.2'

Number of segments: 8

Number of sections: 30

Program header table offset: 64

Section header table offset: 3864

Program header table - size of entry: 56

Section header table - size of entry: 64

Program header table - entries: 8

Section header table - entries: 30

Section header table - index sections names: 27

Stripped: False

Sections stripped: False

  • libgcc_s.so.1
  • libm.so.6
  • libstdc++.so.6
  • libc.so.6
  • execv
  • exit
  • prctl
  • __libc_start_main
  • strerror
  • strtol
  • __errno_location
  • getppid
  • fwrite
  • perror
  • fprintf
  • __gxx_personality_v0

Section: .plt

  • section without a name

Debug information: False

  • GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-23)
  • GNU : '\xefY\x89\x1ad\xba,WJ\xaf\xd1\x0e\xe2nL\x13\xebP\x86'

Hash

MD5: 9511b3fa6b54bd3c0ad83c581e63fa40

SHA1: c173bde39d65e178d405866b1a77760dcf69ad3d

SHA256: 4d9e56ecebe661e480b93ae0e9a69b7703b33983eb1b39f86820fda627ba87be

SHA512: 56fb3ae8ccd7975cb62a74adddc67b5f749aa4742e4b0be5d1de25e5c5fd89ce40df01add05df5eae835b48f8f18bf97a8b37a111e32dda923860a573d1fe2e6

ssdeep: 96:GpTacyB7vcwXQ5qTAZ4YsaSwoBsqDmcHl9KRo/qh//YRvqnj2kEeGU:Gpmcy/XSqTdY5SwIk1BYRynjVEeZ

Bytes

Entropy: 3.62049124426

Min entropy (16KB blocks): -1.0

Max entropy (16KB blocks): -1.0

Unique bytes (0-255): 220

Null bytes: 5018

White spaces: 199

Printable bytes: 1798

First 16B: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00

Last 16B: 69 74 00 5f 5a 35 72 75 6e 69 74 69 50 50 63 00

Byte: 0x0

Offset: 0xd05

Length: 108

  • 0xdf - 0 times
  • 0xee - 0 times
  • 0xf7 - 0 times
  • 0x0 - 5018 times
  • 0xff - 148 times
  • 0x5f - 146 times

File type

Mime type: application/x-executable

File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=ef59891a64ba2c574aafd10ee26e4c13eb5086eb, not stripped

VirusTotal

Error: Resource not found

Code Explore

Number of functions: 11

Total size functions [B]: 654

Average size of a function [B]: 59.4545454545

Percentage of covered .text section: 93.9655172414

Percentage of covered LOAD segment: 18.3707865169

Number of functions: 4

Total size functions [B]: 363

Average size of a function [B]: 90.75

Percentage of covered .text section: 52.1551724138

Percentage of covered LOAD segment: 10.1966292135

Sandbox (user)

Standard output:

Standard error: Incorrect args

Sandbox (root)

Standard output:

Standard error: Incorrect args

Behavior

  • mmap2
  • exit_group
  • read
  • munmap
  • mprotect
  • arch_prctl
  • access
  • write
  • brk
  • close
  • open
  • fstat
  • execve

Unique number: 13

Total number: 57

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

  • /opt/lib/libc.so.6
  • /etc/ld.so.cache
  • /opt/lib/libm.so.6
  • /usr/lib/x86_64-linux-gnu/libstdc++.so.6
  • /lib/x86_64-linux-gnu/libgcc_s.so.1

Max sleep: -1.0

  • mmap2
  • write
  • exit_group
  • read
  • commit_creds
  • mprotect
  • arch_prctl
  • access
  • munmap
  • brk
  • close
  • open
  • fstat
  • execve

Unique number: 14

Total number: 58

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

  • /opt/lib/libc.so.6
  • /etc/ld.so.cache
  • /opt/lib/libm.so.6
  • /usr/lib/x86_64-linux-gnu/libstdc++.so.6
  • /lib/x86_64-linux-gnu/libgcc_s.so.1

Max sleep: -1.0