Sample:

e1b5d731f0018ec885e7829a83410b61a1daf3d6e9dfd0b1d0c66ede02f78faf



Summary

OS ABI: UNIX - System V

CPU class: 32 bit

Persistence (user): No

Persistence (root): No

CPU byte order: 2's complement LSB

File type: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=adef4a96ead02f6e35c1a598760d19bde86ace63, not stripped

CPU type: Intel 80386

Entropy: 4.72207180883

Syscalls executed (root): 55

Syscalls executed (user): 54

ELF type: Executable file

ELF

Class: 32 bit

Data encoding: 2's complement LSB

Operating system ABI: UNIX - System V

Object file type: Executable file

ELF version: 0.1

Machine: Intel 80386

Entrypoint: 0x80485b0

Interpreter: '/lib/ld-linux.so.2'

Number of segments: 8

Number of sections: 30

Program header table offset: 52

Section header table offset: 3052

Program header table - size of entry: 32

Section header table - size of entry: 40

Program header table - entries: 8

Section header table - entries: 30

Section header table - index sections names: 27

Stripped: False

Sections stripped: False

  • libgcc_s.so.1
  • libm.so.6
  • libstdc++.so.6
  • libc.so.6
  • __errno_location
  • strerror
  • __libc_start_main
  • perror
  • strtol
  • execv
  • getppid
  • fwrite
  • fprintf
  • prctl
  • exit
  • __gxx_personality_v0
  • section without a name

Debug information: False

  • GCC: (GNU) 4.4.7 20120313 (Red Hat 4.4.7-23)
  • GNU : '\xad\xefJ\x96\xea\xd0/n5\xc1\xa5\x98v\r\x19\xbd\xe8j\xce'

Hash

MD5: f838e85e8d17c6ba11560fd89071d8b4

SHA1: f7e20e5eeb2f7a8d403d4772023b4420dd764919

SHA256: e1b5d731f0018ec885e7829a83410b61a1daf3d6e9dfd0b1d0c66ede02f78faf

SHA512: 5e5111a23e51311a7c5678b902a7ba74f2b3eebe06349692b60da1147be866a25228dce715b0b0768176b8613a50068d608eab515a1cf7c0932ca720137cd555

ssdeep: 96:fxwoGFjbLBj4RHacyb3Kp79bpIaifk3A5BCRAyRS1cF2EPCuuNkeUtU:fTIjbh4RacOKb1li8+UPluNk+

Bytes

Entropy: 4.72207180883

Min entropy (16KB blocks): -1.0

Max entropy (16KB blocks): -1.0

Unique bytes (0-255): 225

Null bytes: 2674

White spaces: 96

Printable bytes: 1639

First 16B: 7f 45 4c 46 01 01 01 00 00 00 00 00 00 00 00 00

Last 16B: 69 74 00 5f 5a 35 72 75 6e 69 74 69 50 50 63 00

Byte: 0x0

Offset: 0xa4a

Length: 51

  • 0xe6 - 0 times
  • 0xe7 - 0 times
  • 0xfa - 0 times
  • 0x0 - 2674 times
  • 0x4 - 261 times
  • 0x8 - 208 times

File type

Mime type: application/x-executable

File type: ELF 32-bit LSB executable, Intel 80386, version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=adef4a96ead02f6e35c1a598760d19bde86ace63, not stripped

VirusTotal

Error: Resource not found

Data Explore

  • /lib/ld-linux.so.2

Code Explore

Number of functions: 12

Total size functions [B]: 608

Average size a function [B]: 50.6666666667

Percentage of covered .text section: 103.401360544

Percentage of covered LOAD segment: 22.0930232558

Number of functions: 5

Total size functions [B]: 336

Average size a function [B]: 67.2

Percentage of covered .text section: 57.1428571429

Percentage of covered LOAD segment: 12.2093023256

Sandbox (user)

Standard output:

Standard error: Incorrect args

Sandbox (root)

Standard output:

Standard error: Incorrect args

Behavior

  • mmap2
  • exit_group
  • read
  • munmap
  • mprotect
  • access
  • set_thread_area
  • write
  • brk
  • close
  • open
  • fstat
  • execve

Unique number: 13

Total number: 54

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

  • /usr/lib/i386-linux-gnu/libstdc++.so.6
  • /lib/i386-linux-gnu/libgcc_s.so.1
  • /etc/ld.so.cache
  • /opt/lib/libm.so.6
  • /opt/lib/libc.so.6

Max sleep: -1.0

  • mmap2
  • write
  • exit_group
  • read
  • commit_creds
  • mprotect
  • access
  • set_thread_area
  • munmap
  • brk
  • close
  • open
  • fstat
  • execve

Unique number: 14

Total number: 55

  • strchr

Unique number: 1

Total number: 1

Number of processes: 1

Trace lines lost: 0

  • /usr/lib/i386-linux-gnu/libstdc++.so.6
  • /lib/i386-linux-gnu/libgcc_s.so.1
  • /etc/ld.so.cache
  • /opt/lib/libm.so.6
  • /opt/lib/libc.so.6

Max sleep: -1.0