Sample:

aab51b11032f58597ea573935943fd2b1c083f79389895b69bc15619780e57c3



Summary

OS ABI: UNIX - System V

CPU class: 64 bit

Persistence (user): No

Persistence (root): No

CPU byte order: 2's complement LSB

File type: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, for OpenBSD, stripped

CPU type: AMD x86-64

Entropy: 6.38850742273

Syscalls executed (root): 2

Syscalls executed (user): 1

ELF type: Shared object file

ELF

Class: 64 bit

Data encoding: 2's complement LSB

Operating system ABI: UNIX - System V

Object file type: Shared object file

ELF version: 0.1

Machine: AMD x86-64

Entrypoint: 0x350

Interpreter: <none>

Number of segments: 9

Number of sections: 24

Program header table offset: 64

Section header table offset: 562400

Program header table - size of entry: 56

Section header table - size of entry: 64

Program header table - entries: 9

Section header table - entries: 24

Section header table - index sections names: 23

Stripped: True

Sections stripped: False

  • c_command
  • xstrcmp
  • c_builtin
  • c_exec
  • __fini

Section: .plt

  • PT_LOAD at offset 0x0 - 6.490699
  • PT_LOAD at offset 0x862b8
  • .openbsd.randomdata
  • .note.openbsd.ident
  • section without a name
  • .text - 6.494973

Debug information: False

  • OpenBSD :

GDB errors: warning: A handler for the OS ABI "OpenBSD ELF" is not built into this configuration of GDB. Attempting to continue with the default i386:x86-64 settings.

Hash

MD5: cd1dc68b53252e85b7c99531148a6964

SHA1: 4ee6685144fe43002e28b917399f60dd1afcb81d

SHA256: aab51b11032f58597ea573935943fd2b1c083f79389895b69bc15619780e57c3

SHA512: 96096b6aefe6868146b2c038cc112a4bc957fb7fc58b9c327ba266cc00d84c599303fd333a74e5f04f3ecf441b5f804391757903ed825b010284ec8d2bb1e59f

ssdeep: 6144:4SW2E3eTrQoXlW9vMmtoxs8tELTBkMtoOuqK22IjOXr7DeZ0kXw9mEi5DCr3FE6b:ZW2EOTkoXI5Mma0yBKK2fA2+UEikLP

Bytes

Entropy: 6.38850742273

Min entropy (16KB blocks): 2.77317779588

Max entropy (16KB blocks): 6.53549539281

Unique bytes (0-255): 256

Null bytes: 99476

White spaces: 10694

Printable bytes: 163757

First 16B: 7f 45 4c 46 02 01 01 00 00 00 00 00 00 00 00 00

Last 16B: 01 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00

Byte: 0x0

Offset: 0x8551b

Length: 3526

  • 0xa1 - 201 times
  • 0xa2 - 201 times
  • 0xae - 189 times
  • 0x0 - 99476 times
  • 0xff - 31902 times
  • 0x48 - 26747 times

File type

Mime type: application/x-sharedlib

File type: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, for OpenBSD, stripped

VirusTotal

Error: Resource not found

Data Explore

  • /bin/sh
  • /bin/ed}
  • /dev/null
  • ~/%s
  • /usr/bin:/bin:/usr/sbin:/sbin:/usr/X11R6/bin:/usr/local/bin
  • /etc/profile
  • /etc/suid_profile
  • /dev/tty
  • /dev/tty:
  • /dev/
  • /var/run/dev.db
  • /var/run/ypbind.lock
  • /etc/spwd.db
  • /etc/pwd.db
  • /etc/netgroup.db
  • /var/yp/binding
  • /etc/malloc.conf
  • /etc/localtime
  • /usr/share/zoneinfo
  • ::

Code Explore

Number of functions: 965

Total size functions [B]: 1086585

Average size a function [B]: 1125.99481865

Percentage of covered .text section: 246.129957324

Percentage of covered LOAD segment: 194.475467403

Number of functions: 943

Total size functions [B]: 430573

Average size a function [B]: 456.599151644

Percentage of covered .text section: 97.5320974567

Percentage of covered LOAD segment: 77.0633548466

Sandbox (user)

Standard output:

Standard error: Segmentation fault

Sandbox (root)

Standard output:

Standard error: Segmentation fault

Behavior

Segmentation fault: True

  • execve

Unique number: 1

Total number: 1

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

Empty trace: True

Max sleep: -1.0

Segmentation fault: True

  • commit_creds
  • execve

Unique number: 2

Total number: 2

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

Max sleep: -1.0