Sample : e1b5d731f0018ec885e7829a83410b61a1daf3d6e9dfd0b1d0c66ede02f78faf

Summary


OS ABI : UNIX - System V
CPU class : 32 bit
Persistence (user) : No
Persistence (root) : No
CPU byte order : 2's complement LSB
File type : ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=adef4a96ead02f6e35c1a598760d19bde86ace63, not stripped
CPU type : Intel 80386
Entropy : 4.72207180883
Syscalls executed (root) : 55
Syscalls executed (user) : 54
ELF type : Executable file

ELF


Class : 32 bit
Data encoding : 2's complement LSB
Operating system ABI : UNIX - System V
Object file type : Executable file
ELF version : 0.1
Machine : Intel 80386
Link : dynamic
Entrypoint : 0x80485b0
Interpreter : '/lib/ld-linux.so.2'
Number of segments : 8
Number of sections : 30
Program header table offset : 52
Section header table offset : 3052
Program header table - size of entry : 32
Section header table - size of entry : 40
Program header table - entries : 8
Section header table - entries : 30
Section header table - index sections names : 27
Stripped : False
Sections stripped : False
Needed libraries

libgcc_s.so.1

libm.so.6

libstdc++.so.6

libc.so.6

Dynamic symbols

__errno_location

strerror

__libc_start_main

perror

strtol

execv

getppid

fwrite

fprintf

prctl

exit

__gxx_personality_v0

Anomalies


Sections
Uncommon sections : section without a name


Debug information : False
Comment : GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-23)

Note

GNU : '\xad\xefJ\x96\xea\xd0/n5\xc1\xa5\x98v\r\x19\xbd\xe8j\xce'

Hash


MD5 : f838e85e8d17c6ba11560fd89071d8b4
SHA1 : f7e20e5eeb2f7a8d403d4772023b4420dd764919
SHA256 : e1b5d731f0018ec885e7829a83410b61a1daf3d6e9dfd0b1d0c66ede02f78faf
SHA512 : 5e5111a23e51311a7c5678b902a7ba74f2b3eebe06349692b60da1147be866a25228dce715b0b0768176b8613a50068d608eab515a1cf7c0932ca720137cd555
ssdeep : 96:fxwoGFjbLBj4RHacyb3Kp79bpIaifk3A5BCRAyRS1cF2EPCuuNkeUtU:fTIjbh4RacOKb1li8+UPluNk+

Bytes


Entropy : 4.72207180883
Min entropy (16KB blocks) : -1.0
Max entropy (16KB blocks) : -1.0
Unique bytes (0-255) : 225
Null bytes : 2674
White spaces : 96
Printable bytes : 1639
First 16B : 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00
Last 16B : 69 74 00 5f 5a 35 72 75 6e 69 74 69 50 50 63 00
Longest same bytes sequence

Byte : 0x0

Offset : 0xa4a

Length : 51

Three rarest bytes

0xe6 - 0 times

0xe7 - 0 times

0xfa - 0 times

Three most common bytes

0x0 - 2674 times

0x4 - 261 times

0x8 - 208 times

File type


Mime type : application/x-executable
File type : ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=adef4a96ead02f6e35c1a598760d19bde86ace63, not stripped

VirusTotal


Error : Resource not found

Data Explore


Paths

/lib/ld-linux.so.2

Code Explore


Nucleus

Number of functions : 12

Total size functions [B] : 608

Average size a function [B] : 50.6666666667

Percentage of covered .text section : 103.401360544

Percentage of covered LOAD segment : 22.0930232558

Eh_frame

Number of functions : 5

Total size functions [B] : 336

Average size a function [B] : 67.2

Percentage of covered .text section : 57.1428571429

Percentage of covered LOAD segment : 12.2093023256

Sandbox (user)


Standard output

Standard error

Incorrect args

Sandbox (root)


Standard output

Standard error

Incorrect args

Behavior


User behavior

Syscalls


Unique
mmap2
exit_group
read
munmap
mprotect
access
set_thread_area
write
brk
close
open
fstat
execve


Unique number
13

Total number
54

Instrumented libc calls


Unique
strchr


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Files being read

/usr/lib/i386-linux-gnu/libstdc++.so.6

/lib/i386-linux-gnu/libgcc_s.so.1

/etc/ld.so.cache

/opt/lib/libm.so.6

/opt/lib/libc.so.6

Max sleep

-1.0



Root behavior

Syscalls


Unique
mmap2
write
exit_group
read
commit_creds
mprotect
access
set_thread_area
munmap
brk
close
open
fstat
execve


Unique number
14

Total number
55

Instrumented libc calls


Unique
strchr


Unique number
1

Total number
1

Number of processes

1

Trace lines lost

0

Files being read

/usr/lib/i386-linux-gnu/libstdc++.so.6

/lib/i386-linux-gnu/libgcc_s.so.1

/etc/ld.so.cache

/opt/lib/libm.so.6

/opt/lib/libc.so.6

Max sleep

-1.0