Linux
Analysis Report
ijxeqyXNc4
Overview
General Information
Sample name: | ijxeqyXNc4renamed because original name is a hash value |
Original sample name: | 15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45 |
Analysis ID: | 3760041 |
MD5: | 8138f1af1dc51cde924aa2360f12d650 |
SHA1: | 74b1da190d670fa4c207afb0fbca4d7df701538a |
SHA256: | 15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45 |
Infos: |
Detection
Score: | 76 |
Range: | 0 - 100 |
Whitelisted: | false |
Signatures
Classification
Joe Sandbox version: | |
Analysis ID: | 3760041 |
Start date and time: | 2024-04-10 11:12:52 +02:00 |
Joe Sandbox product: | Cloud |
Overall analysis duration: | 0h 9m 7s |
Hypervisor based Inspection enabled: | false |
Report type: | full |
Cookbook file name: | Linux - Ubuntu 22 - sleep detection and extension with SSL inspection.jbs |
Analysis system description: | Ubuntu Linux 22.04 x64 (Kernel 5.15.0-94, Firefox 124.0.2, Atril Document Viewer 1.26.0, LibreOffice 7.3.7.2, OpenJDK 17.0.10) |
Analysis Mode: | default |
Sample name: | ijxeqyXNc4renamed because original name is a hash value |
Original Sample Name: | 15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45 |
Detection: | MAL |
Classification: | mal76.troj.evad.lin@0/3@1/0 |
Cookbook Comments: |
|
Command: | /tmp/ijxeqyXNc4 |
PID: | 5431 |
Exit Code: | 0 |
Exit Code Info: | |
Killed: | False |
Standard Output: | |
Standard Error: |
- system is lnxubuntu22
- ijxeqyXNc4 New Fork (PID: 5432, Parent: 5431)
- ijxeqyXNc4 New Fork (PID: 5433, Parent: 5432)
- sh New Fork (PID: 5434, Parent: 5433)
- ijxeqyXNc4 New Fork (PID: 5435, Parent: 5432)
- sh New Fork (PID: 5436, Parent: 5435)
- ijxeqyXNc4 New Fork (PID: 5437, Parent: 5432)
- sh New Fork (PID: 5438, Parent: 5437)
- ijxeqyXNc4 New Fork (PID: 5439, Parent: 5432)
- sh New Fork (PID: 5440, Parent: 5439)
- ijxeqyXNc4 New Fork (PID: 5441, Parent: 5432)
- sh New Fork (PID: 5442, Parent: 5441)
- ijxeqyXNc4 New Fork (PID: 5443, Parent: 5442)
- sh New Fork (PID: 5444, Parent: 5443)
- ijxeqyXNc4 New Fork (PID: 5445, Parent: 5442)
- sh New Fork (PID: 5446, Parent: 5445)
- ijxeqyXNc4 New Fork (PID: 5447, Parent: 5442)
- sh New Fork (PID: 5448, Parent: 5447)
- ijxeqyXNc4 New Fork (PID: 5449, Parent: 5442)
- sh New Fork (PID: 5450, Parent: 5449)
- cleanup
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_DinodasRAT_1 | Yara detected Dinodas RAT | Joe Security |
Source | Rule | Description | Author | Strings |
---|---|---|---|---|
JoeSecurity_DinodasRAT_1 | Yara detected Dinodas RAT | Joe Security |
Timestamp: | 04/10/24-11:16:51.500898 |
SID: | 2051839 |
Source Port: | 41687 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:17:22.705256 |
SID: | 2051868 |
Source Port: | 45210 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:15:49.341725 |
SID: | 2051868 |
Source Port: | 45342 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:17:22.705256 |
SID: | 2051839 |
Source Port: | 45210 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:17:53.785050 |
SID: | 2051839 |
Source Port: | 38251 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:15:18.245782 |
SID: | 2051839 |
Source Port: | 38278 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:14:27.079270 |
SID: | 2051867 |
Source Port: | 43079 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:14:27.079270 |
SID: | 2051846 |
Source Port: | 43079 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:15:49.341725 |
SID: | 2051839 |
Source Port: | 45342 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:15:18.245782 |
SID: | 2051868 |
Source Port: | 38278 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:14:47.166945 |
SID: | 2051868 |
Source Port: | 55268 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:16:20.415578 |
SID: | 2051839 |
Source Port: | 50490 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:18:25.105451 |
SID: | 2051839 |
Source Port: | 34962 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:17:53.785050 |
SID: | 2051868 |
Source Port: | 38251 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:14:27.079270 |
SID: | 2051837 |
Source Port: | 43079 |
Destination Port: | 53 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:14:47.166945 |
SID: | 2051839 |
Source Port: | 55268 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:18:25.105451 |
SID: | 2051868 |
Source Port: | 34962 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:16:20.415578 |
SID: | 2051868 |
Source Port: | 50490 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Timestamp: | 04/10/24-11:16:51.500898 |
SID: | 2051868 |
Source Port: | 41687 |
Destination Port: | 443 |
Protocol: | UDP |
Classtype: | A Network Trojan was detected |
Click to jump to signature section
Networking |
---|
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: | ||
Source: | Snort IDS: |
Source: | Reads hosts file: | Jump to behavior |
Source: | UDP traffic detected without corresponding DNS query: |
Source: | DNS traffic detected: |
Source: | Potential command found: | ||
Source: | Potential command found: | ||
Source: | Potential command found: | ||
Source: | Potential command found: | ||
Source: | Potential command found: |
Source: | .symtab present: |
Source: | Classification label: |
Persistence and Installation Behavior |
---|
Source: | File: | Jump to behavior |
Source: | File: | Jump to behavior |
Source: | File: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | Directory: | Jump to behavior | ||
Source: | File: | Jump to behavior | ||
Source: | Directory: | Jump to behavior |
Source: | Empty hidden file: | Jump to behavior | ||
Source: | Empty hidden file: | Jump to behavior |
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior | ||
Source: | Shell command executed: | Jump to behavior |
Source: | Chmod executable: | Jump to behavior |
Source: | Reads version info: | Jump to behavior | ||
Source: | Reads version info: | Jump to behavior |
Source: | File: | Jump to behavior |
Source: | Chmod executable with 777: | Jump to behavior |
Source: | INI config file created: | Jump to dropped file |
Source: | Writes shell script file to disk with an unusual file extension: | Jump to dropped file |
Hooking and other Techniques for Hiding and Protection |
---|
Source: | Dmidecode executable: | Jump to behavior |
Source: | Symbol name: | ||
Source: | Symbol name: |
Source: | Queries kernel information via 'uname': | Jump to behavior |
Anti Debugging |
---|
Source: | Process with PPID: | Jump to behavior |
Language, Device and Operating System Detection |
---|
Source: | Dmidecode executable: | Jump to behavior |
Source: | Getconf executable: | Jump to behavior |
Stealing of Sensitive Information |
---|
Source: | File source: | ||
Source: | File source: |
Source: | Ifconfig executable: | Jump to behavior |
Remote Access Functionality |
---|
Source: | File source: | ||
Source: | File source: |
Reconnaissance | Resource Development | Initial Access | Execution | Persistence | Privilege Escalation | Defense Evasion | Credential Access | Discovery | Lateral Movement | Collection | Command and Control | Exfiltration | Impact |
---|---|---|---|---|---|---|---|---|---|---|---|---|---|
Gather Victim Identity Information | 1 Scripting | Valid Accounts | 1 Command and Scripting Interpreter | 1 Scripting | Path Interception | 1 Masquerading | OS Credential Dumping | 1 Security Software Discovery | Remote Services | Data from Local System | 1 Non-Application Layer Protocol | Exfiltration Over Other Network Medium | 1 Data Manipulation |
Credentials | Domains | Default Accounts | Scheduled Task/Job | Boot or Logon Initialization Scripts | Boot or Logon Initialization Scripts | 1 Hide Artifacts | LSASS Memory | 1 Virtualization/Sandbox Evasion | Remote Desktop Protocol | Data from Removable Media | 1 Application Layer Protocol | Exfiltration Over Bluetooth | Network Denial of Service |
Email Addresses | DNS Server | Domain Accounts | At | Logon Script (Windows) | Logon Script (Windows) | 2 File and Directory Permissions Modification | Security Account Manager | 1 System Network Configuration Discovery | SMB/Windows Admin Shares | Data from Network Shared Drive | Steganography | Automated Exfiltration | Data Encrypted for Impact |
Employee Names | Virtual Private Server | Local Accounts | Cron | Login Hook | Login Hook | 1 Virtualization/Sandbox Evasion | NTDS | 1 File and Directory Discovery | Distributed Component Object Model | Input Capture | Protocol Impersonation | Traffic Duplication | Data Destruction |
Gather Victim Network Information | Server | Cloud Accounts | Launchd | Network Logon Script | Network Logon Script | 1 Hidden Files and Directories | LSA Secrets | 21 System Information Discovery | SSH | Keylogging | Fallback Channels | Scheduled Transfer | Data Encrypted for Impact |
Name | IP | Active | Malicious | Antivirus Detection | Reputation |
---|---|---|---|---|---|
update.centos-yum.com | 91.195.240.94 | true | true | unknown |
- No. of IPs < 25%
- 25% < No. of IPs < 50%
- 50% < No. of IPs < 75%
- 75% < No. of IPs
IP | Domain | Country | Flag | ASN | ASN Name | Malicious |
---|---|---|---|---|---|---|
91.195.240.94 | update.centos-yum.com | Germany | 47846 | SEDO-ASDE | true |
Process: | /tmp/ijxeqyXNc4 |
File Type: | |
Category: | dropped |
Size (bytes): | 35 |
Entropy (8bit): | 4.4004323025356245 |
Encrypted: | false |
SSDEEP: | 3:TKH/KoKyx9O6Fn:FY9p |
MD5: | F93C16FC0B91F1E059FC86109DED4B42 |
SHA1: | 25C1C897D8037F4087BDBBEB163CC7F951995C41 |
SHA-256: | B64D2598EB0F74ABA0AEE969ED12C90D784ADD3BD94F723F39C3BD3A41E20243 |
SHA-512: | E7CBEC597A50C1448FC7B905D8119B7EACFF1F5561E884562BB4B98A0CDD3AD502C77E643C0E3512F499E0F1C8680C961CFFC3818EA43DF0751F9D8B743B1859 |
Malicious: | true |
Reputation: | low |
Preview: |
Process: | /tmp/ijxeqyXNc4 |
File Type: | |
Category: | dropped |
Size (bytes): | 72 |
Entropy (8bit): | 4.488129025821929 |
Encrypted: | false |
SSDEEP: | 3:EU8VmQEcEXBQB+4jk0MWeBy:EU8sQEdBQBVjn |
MD5: | 7FC78A4C6CF06AA6E4504254B03E42A7 |
SHA1: | 891318B27DD7BC531B4DEA902782E4F6742FCB18 |
SHA-256: | CF5C6649DC55BB716EA8D4AE39BD416BC2056A98C9BEA4171873B7219C6C4F27 |
SHA-512: | 85FFE85D362F23C6513C53ACDC09F79A13DDAE8FF631FD410E0A798CF8B14CB3538D9EEC795777DA77E1677214CA418B3A48C2AFAC13C1B3BEA28BD2CF421300 |
Malicious: | false |
Reputation: | low |
Preview: |
Process: | /tmp/ijxeqyXNc4 |
File Type: | |
Category: | dropped |
Size (bytes): | 883 |
Entropy (8bit): | 4.7806761267639715 |
Encrypted: | false |
SSDEEP: | 12:zgw5OZRZA2+KugzJw5OZRZA2+Ku2w5OZRZA2+KutGHWrnw5OZRZA2+KutCHWry:vUZRO2xeUZRO2uUZRO272rwUZRO2z2ry |
MD5: | DF8C8DD87FEC8005B9461DCFF9D5D6ED |
SHA1: | C5509FDA35704C159120BD58EDFF98819665CA88 |
SHA-256: | C431F6EE6BFD3838BE81826AF0D3D8314252311B02F88DF239AA13060B9CE21B |
SHA-512: | 4BE2327B55708676C6260882BFE728E1B2D3995E40CE1AE4666D19DC286429BBC0D4EB9F2D5761E4CDABEB5DB43A4C87223CB2255CBF87E046FA504F98CD17B8 |
Malicious: | false |
Reputation: | low |
Preview: |
File type: | |
Entropy (8bit): | 6.196920594272085 |
TrID: |
|
File name: | ijxeqyXNc4 |
File size: | 261'344 bytes |
MD5: | 8138f1af1dc51cde924aa2360f12d650 |
SHA1: | 74b1da190d670fa4c207afb0fbca4d7df701538a |
SHA256: | 15412d1a6b7f79fad45bcd32cf82f9d651d9ccca082f98a0cca3ad5335284e45 |
SHA512: | c8d940fedc22b8b032bb4a1dd3815c799b710bfb31e3af1f8eb76ef63e7de0c3394b3ba8d7754975bbb8bcd3dd9408665e8b7e75fa49fea1f2b3dee884792025 |
SSDEEP: | 6144:pP+dv39axq0rT+DnuokS63QeYqn3b6gu+vG/US8NvVkN2Jy8zcvd:k39aVSq7JYq3GgbeT8NvVru |
TLSH: | 8844E647F1BA44BDC44EC0B001DE2639D5E1B41889967EAF2684FAF117F2B90AF94B47 |
File Content Preview: | .ELF..............>.......@.....@...................@.8...@.............@.......@.@.....@.@...............................................@.......@...............................................@.......@.....I.......I......... .............P.......P.c.... |
ELF header | |
---|---|
Class: | |
Data: | |
Version: | |
Machine: | |
Version Number: | |
Type: | |
OS/ABI: | |
ABI Version: | 0 |
Entry Point Address: | |
Flags: | |
ELF Header Size: | 64 |
Program Header Offset: | 64 |
Program Header Size: | 56 |
Number of Program Headers: | 8 |
Section Header Offset: | 259552 |
Section Header Size: | 64 |
Number of Section Headers: | 28 |
Header String Table Index: | 27 |
Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
---|---|---|---|---|---|---|---|---|---|---|
NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
.interp | PROGBITS | 0x400200 | 0x200 | 0x1c | 0x0 | 0x2 | A | 0 | 0 | 1 |
.note.ABI-tag | NOTE | 0x40021c | 0x21c | 0x20 | 0x0 | 0x2 | A | 0 | 0 | 4 |
.gnu.hash | GNU_HASH | 0x400240 | 0x240 | 0x5c | 0x0 | 0x2 | A | 4 | 0 | 8 |
.dynsym | DYNSYM | 0x4002a0 | 0x2a0 | 0xd98 | 0x18 | 0x2 | A | 5 | 1 | 8 |
.dynstr | STRTAB | 0x401038 | 0x1038 | 0x7ab | 0x0 | 0x2 | A | 0 | 0 | 1 |
.gnu.version | VERSYM | 0x4017e4 | 0x17e4 | 0x122 | 0x2 | 0x2 | A | 4 | 0 | 2 |
.gnu.version_r | VERNEED | 0x401908 | 0x1908 | 0x90 | 0x0 | 0x2 | A | 5 | 4 | 8 |
.rela.dyn | RELA | 0x401998 | 0x1998 | 0x78 | 0x18 | 0x2 | A | 4 | 0 | 8 |
.rela.plt | RELA | 0x401a10 | 0x1a10 | 0xc48 | 0x18 | 0x2 | A | 4 | 11 | 8 |
.init | PROGBITS | 0x402658 | 0x2658 | 0x18 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.plt | PROGBITS | 0x402670 | 0x2670 | 0x840 | 0x10 | 0x6 | AX | 0 | 0 | 4 |
.text | PROGBITS | 0x402eb0 | 0x2eb0 | 0x2f028 | 0x0 | 0x6 | AX | 0 | 0 | 16 |
.fini | PROGBITS | 0x431ed8 | 0x31ed8 | 0xe | 0x0 | 0x6 | AX | 0 | 0 | 4 |
.rodata | PROGBITS | 0x431f00 | 0x31f00 | 0x1292 | 0x0 | 0x2 | A | 0 | 0 | 32 |
.eh_frame_hdr | PROGBITS | 0x433194 | 0x33194 | 0x148c | 0x0 | 0x2 | A | 0 | 0 | 4 |
.eh_frame | PROGBITS | 0x434620 | 0x34620 | 0x5adc | 0x0 | 0x2 | A | 0 | 0 | 8 |
.gcc_except_table | PROGBITS | 0x43a0fc | 0x3a0fc | 0x404d | 0x0 | 0x2 | A | 0 | 0 | 4 |
.ctors | PROGBITS | 0x63e150 | 0x3e150 | 0x1a0 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.dtors | PROGBITS | 0x63e2f0 | 0x3e2f0 | 0x10 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.jcr | PROGBITS | 0x63e300 | 0x3e300 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 8 |
.dynamic | DYNAMIC | 0x63e308 | 0x3e308 | 0x1f0 | 0x10 | 0x3 | WA | 5 | 0 | 8 |
.got | PROGBITS | 0x63e4f8 | 0x3e4f8 | 0x8 | 0x8 | 0x3 | WA | 0 | 0 | 8 |
.got.plt | PROGBITS | 0x63e500 | 0x3e500 | 0x430 | 0x8 | 0x3 | WA | 0 | 0 | 8 |
.data | PROGBITS | 0x63e940 | 0x3e940 | 0xe4 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.bss | NOBITS | 0x63ea40 | 0x3ea24 | 0x430 | 0x0 | 0x3 | WA | 0 | 0 | 32 |
.comment | PROGBITS | 0x0 | 0x3ea24 | 0xac8 | 0x0 | 0x0 | 0 | 0 | 1 | |
.shstrtab | STRTAB | 0x0 | 0x3f4ec | 0xed | 0x0 | 0x0 | 0 | 0 | 1 |
Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
---|---|---|---|---|---|---|---|---|---|---|---|
PHDR | 0x40 | 0x400040 | 0x400040 | 0x1c0 | 0x1c0 | 1.8216 | 0x5 | R E | 0x8 | ||
INTERP | 0x200 | 0x400200 | 0x400200 | 0x1c | 0x1c | 3.9408 | 0x4 | R | 0x1 | /lib64/ld-linux-x86-64.so.2 | .interp |
LOAD | 0x0 | 0x400000 | 0x400000 | 0x3e149 | 0x3e149 | 6.2054 | 0x5 | R E | 0x200000 | .interp .note.ABI-tag .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rela.dyn .rela.plt .init .plt .text .fini .rodata .eh_frame_hdr .eh_frame .gcc_except_table | |
LOAD | 0x3e150 | 0x63e150 | 0x63e150 | 0x8d4 | 0xd20 | 2.5157 | 0x6 | RW | 0x200000 | .ctors .dtors .jcr .dynamic .got .got.plt .data .bss | |
DYNAMIC | 0x3e308 | 0x63e308 | 0x63e308 | 0x1f0 | 0x1f0 | 1.5404 | 0x6 | RW | 0x8 | .dynamic | |
NOTE | 0x21c | 0x40021c | 0x40021c | 0x20 | 0x20 | 1.7487 | 0x4 | R | 0x4 | .note.ABI-tag | |
GNU_EH_FRAME | 0x33194 | 0x433194 | 0x433194 | 0x148c | 0x148c | 5.2343 | 0x4 | R | 0x4 | .eh_frame_hdr | |
GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x8 |
Type | Meta | Value | Tag |
---|---|---|---|
DT_NEEDED | sharedlib | librt.so.1 | 0x1 |
DT_NEEDED | sharedlib | libpthread.so.0 | 0x1 |
DT_NEEDED | sharedlib | libz.so.1 | 0x1 |
DT_NEEDED | sharedlib | libstdc++.so.6 | 0x1 |
DT_NEEDED | sharedlib | libm.so.6 | 0x1 |
DT_NEEDED | sharedlib | libgcc_s.so.1 | 0x1 |
DT_NEEDED | sharedlib | libc.so.6 | 0x1 |
DT_INIT | value | 0x402658 | 0xc |
DT_FINI | value | 0x431ed8 | 0xd |
DT_GNU_HASH | value | 0x400240 | 0x6ffffef5 |
DT_STRTAB | value | 0x401038 | 0x5 |
DT_SYMTAB | value | 0x4002a0 | 0x6 |
DT_STRSZ | bytes | 1963 | 0xa |
DT_SYMENT | bytes | 24 | 0xb |
DT_DEBUG | value | 0x0 | 0x15 |
DT_PLTGOT | value | 0x63e500 | 0x3 |
DT_PLTRELSZ | bytes | 3144 | 0x2 |
DT_PLTREL | pltrel | DT_RELA | 0x14 |
DT_JMPREL | value | 0x401a10 | 0x17 |
DT_RELA | value | 0x401998 | 0x7 |
DT_RELASZ | bytes | 120 | 0x8 |
DT_RELAENT | bytes | 24 | 0x9 |
DT_VERNEED | value | 0x401908 | 0x6ffffffe |
DT_VERNEEDNUM | value | 4 | 0x6fffffff |
DT_VERSYM | value | 0x4017e4 | 0x6ffffff0 |
DT_NULL | value | 0x0 | 0x0 |
Name | Version Info Name | Version Info File Name | Section Name | Value | Size | Symbol Type | Symbol Bind | Symbol Visibility | Ndx |
---|---|---|---|---|---|---|---|---|---|
.dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | |||
_Jv_RegisterClasses | .dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | ||
_Unwind_Resume | GCC_3.0 | libgcc_s.so.1 | .dynsym | 0x0 | 260 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZN9__gnu_cxx18__exchange_and_addEPVii | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 7 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNKSs7compareEPKc | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 116 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs12_M_leak_hardEv | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 52 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs4_Rep10_M_destroyERKSaIcE | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 5 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs4_Rep20_S_empty_rep_storageE | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x63eb00 | 32 | OBJECT | <unknown> | DEFAULT | 25 |
_ZNSs6appendEPKcm | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 266 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs6appendERKSs | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 170 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs6assignEPKcm | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 218 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs6assignERKSs | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 219 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs6resizeEmc | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 82 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs7reserveEm | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 170 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSs9_M_mutateEmmm | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 437 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSsC1EPKcRKSaIcE | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 90 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSsC1EPKcmRKSaIcE | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 35 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSsC1ERKSs | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 120 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSsD1Ev | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 68 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSt8ios_base4InitC1Ev | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 1942 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZNSt8ios_base4InitD1Ev | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 124 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt17__throw_bad_allocv | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 50 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt18_Rb_tree_decrementPSt18_Rb_tree_node_base | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 81 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt18_Rb_tree_incrementPSt18_Rb_tree_node_base | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 81 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt20__throw_length_errorPKc | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 223 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt28_Rb_tree_rebalance_for_erasePSt18_Rb_tree_node_baseRS_ | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 834 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZSt29_Rb_tree_insert_and_rebalancebPSt18_Rb_tree_node_baseS0_RS_ | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 347 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_EPKS3_RKS6_ | .dynsym | 0x42aa20 | 192 | FUNC | <unknown> | DEFAULT | 12 | ||
_ZStplIcSt11char_traitsIcESaIcEESbIT_T0_T1_ERKS6_S8_ | .dynsym | 0x430b30 | 133 | FUNC | <unknown> | DEFAULT | 12 | ||
_ZTVN10__cxxabiv117__class_type_infoE | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x63ea40 | 88 | OBJECT | <unknown> | DEFAULT | 25 |
_ZTVN10__cxxabiv121__vmi_class_type_infoE | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x63eaa0 | 88 | OBJECT | <unknown> | DEFAULT | 25 |
_ZdaPv | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 5 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_ZdlPv | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 18 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_Znam | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 33 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_Znwm | GLIBCXX_3.4 | libstdc++.so.6 | .dynsym | 0x0 | 147 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__assert_fail | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 289 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__bss_start | .dynsym | 0x63ea24 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_ABS | ||
__cxa_atexit | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 94 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__cxa_begin_catch | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x0 | 128 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__cxa_end_catch | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x0 | 125 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__cxa_rethrow | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x0 | 74 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__errno_location | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 17 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__gmon_start__ | .dynsym | 0x0 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_UNDEF | ||
__gxx_personality_v0 | CXXABI_1.3 | libstdc++.so.6 | .dynsym | 0x402d80 | 1182 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__libc_start_main | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 421 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__lxstat | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 75 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__strtol_internal | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 16 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
__xstat | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 75 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
_edata | .dynsym | 0x63ea24 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_ABS | ||
_end | .dynsym | 0x63ee70 | 0 | NOTYPE | <unknown> | DEFAULT | SHN_ABS | ||
_fini | .dynsym | 0x431ed8 | 0 | FUNC | <unknown> | DEFAULT | 13 | ||
_init | .dynsym | 0x402658 | 0 | FUNC | <unknown> | DEFAULT | 10 | ||
abort | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 721 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
access | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
close | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 108 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
closedir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 42 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
connect | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 128 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
daemon | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 321 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
dup2 | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
execv | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 15 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
exit | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 241 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fclose | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 518 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fcntl | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 194 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fflush | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 254 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fgetc | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 240 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fgets | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 410 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fopen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 10 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fork | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 5 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fprintf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 144 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fputs | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 314 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fread | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 326 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fseek | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 238 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fseeko64 | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 238 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
ftell | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 315 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
ftello64 | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 315 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
fwrite | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 355 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
geteuid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 8 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
gethostbyname | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 425 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
getpid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 51 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
gettimeofday | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 46 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
inet_addr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 357 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
inet_ntoa | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 135 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
ioctl | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
isspace | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 67 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
kill | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
localtime_r | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 13 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memcpy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 1125 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memmove | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 372 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
memset | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 2843 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
mkdir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
mktime | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 32 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
open | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 128 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
opendir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 152 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pclose | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 5 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
perror | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 341 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
popen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 155 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
printf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 162 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_cancel | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 156 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_create | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 2881 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_detach | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 82 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_join | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 352 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_destroy | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 29 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_init | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 396 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_lock | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 1509 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
pthread_mutex_unlock | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 10 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
rand | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 14 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
read | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 128 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
readdir | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 192 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
readlink | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
recv | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 212 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
recvfrom | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 161 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
remove | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 52 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
rename | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
select | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 151 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
send | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 212 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sendto | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 161 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
setsid | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
setsockopt | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 40 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
shutdown | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sigaddset | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 68 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sigemptyset | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 49 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
signal | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 212 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sigprocmask | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 48 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sleep | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 441 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
socket | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 37 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
socketpair | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 40 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sprintf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 144 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
srand | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 108 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
sscanf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 144 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
stdout | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x63eb20 | 8 | OBJECT | <unknown> | DEFAULT | 25 |
strchr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 418 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strcmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 33 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strcpy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 220 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strlen | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 233 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strncasecmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 75 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strncmp | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 179 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strncpy | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 166 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strrchr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 61 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
strstr | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 299 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
system | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 5 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
time | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 18 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
usleep | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 57 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
vasprintf | GLIBC_2.2.5 | libc.so.6 | .dynsym | 0x0 | 405 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
waitpid | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 173 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
write | GLIBC_2.2.5 | libpthread.so.0 | .dynsym | 0x0 | 128 | FUNC | <unknown> | DEFAULT | SHN_UNDEF |
Timestamp | Protocol | SID | Message | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|---|---|---|
04/10/24-11:16:51.500898 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:17:22.705256 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:15:49.341725 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:17:22.705256 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:17:53.785050 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:15:18.245782 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:14:27.079270 | UDP | 2051867 | ET TROJAN Dinodas RAT CnC Domain in DNS Lookup (update .centos-yum .com) | 43079 | 53 | 192.168.2.126 | 1.1.1.1 |
04/10/24-11:14:27.079270 | UDP | 2051846 | ET TROJAN DNS Query to Earth Krahang APT Domain (update .centos-yum .com) | 43079 | 53 | 192.168.2.126 | 1.1.1.1 |
04/10/24-11:15:49.341725 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:15:18.245782 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:14:47.166945 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:16:20.415578 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:18:25.105451 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:17:53.785050 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:14:27.079270 | UDP | 2051837 | ET TROJAN DinodasRAT Related CnC Domain in DNS Lookup (update .centos-yum .com) | 43079 | 53 | 192.168.2.126 | 1.1.1.1 |
04/10/24-11:14:47.166945 | UDP | 2051839 | ET TROJAN Suspected DinodasRAT Related Activity (UDP) | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:18:25.105451 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:16:20.415578 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
04/10/24-11:16:51.500898 | UDP | 2051868 | ET TROJAN Linux/Dinodas RAT CnC Checkin - UDP | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Timestamp | Source Port | Dest Port | Source IP | Dest IP |
---|---|---|---|---|
Apr 10, 2024 11:14:27.079269886 CEST | 43079 | 53 | 192.168.2.126 | 1.1.1.1 |
Apr 10, 2024 11:14:27.120377064 CEST | 53 | 43079 | 1.1.1.1 | 192.168.2.126 |
Apr 10, 2024 11:14:27.121093988 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:29.120635033 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:31.122613907 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:33.129244089 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:35.130264997 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:37.130201101 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:39.141129971 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:41.153228045 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:43.153254986 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:45.165270090 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:47.166944981 CEST | 55268 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:14:58.185230017 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:00.197268009 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:02.201262951 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:04.202398062 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:06.206721067 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:08.221261024 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:10.218815088 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:12.227344036 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:14.232481003 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:16.232530117 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:18.245781898 CEST | 38278 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:29.283850908 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:31.284523964 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:33.299632072 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:35.312860012 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:37.313183069 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:39.320440054 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:41.333156109 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:43.333252907 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:45.333291054 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:47.341924906 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:15:49.341725111 CEST | 45342 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:00.376656055 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:02.379231930 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:04.385230064 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:06.381423950 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:08.382404089 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:10.382457018 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:12.384330034 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:14.392476082 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:16.395550966 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:18.400507927 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:20.415577888 CEST | 50490 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:31.446983099 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:33.460840940 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:35.469252110 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:37.468544006 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:39.469147921 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:41.482006073 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:43.481857061 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:45.488805056 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:47.497409105 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:49.496872902 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:16:51.500897884 CEST | 41687 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:02.643419027 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:04.645252943 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:06.645814896 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:08.652321100 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:10.653053999 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:12.668294907 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:14.683808088 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:16.683470011 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:18.685420036 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:20.701240063 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:22.705255985 CEST | 45210 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:33.724031925 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:35.736510038 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:37.737886906 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:39.753242970 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:41.753247976 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:43.753793001 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:45.765911102 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:47.771455050 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:49.771600008 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:51.778343916 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:17:53.785049915 CEST | 38251 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:05.045011044 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:07.066580057 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:09.081686974 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:11.082798004 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:13.091403961 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:15.092485905 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:17.094456911 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:19.095089912 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:21.096115112 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:23.098575115 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Apr 10, 2024 11:18:25.105451107 CEST | 34962 | 443 | 192.168.2.126 | 91.195.240.94 |
Timestamp | Source IP | Dest IP | Trans ID | OP Code | Name | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|
Apr 10, 2024 11:14:27.079269886 CEST | 192.168.2.126 | 1.1.1.1 | 0x1174 | Standard query (0) | A (IP address) | IN (0x0001) | false |
Timestamp | Source IP | Dest IP | Trans ID | Reply Code | Name | CName | Address | Type | Class | DNS over HTTPS |
---|---|---|---|---|---|---|---|---|---|---|
Apr 10, 2024 11:14:27.120377064 CEST | 1.1.1.1 | 192.168.2.126 | 0x1174 | No error (0) | 91.195.240.94 | A (IP address) | IN (0x0001) | false |
System Behavior
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | /tmp/ijxeqyXNc4 |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "cat /proc/version" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/cat |
Arguments: | cat /proc/version |
File size: | 35288 bytes |
MD5 hash: | bad083817ee6cf28643668a67fce3f4e |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/lsb-release" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/lsb-release |
File size: | 35288 bytes |
MD5 hash: | bad083817ee6cf28643668a67fce3f4e |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "ln -s /lib/systemd/system/rc.local.service /etc/systemd/system/" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/ln |
Arguments: | ln -s /lib/systemd/system/rc.local.service /etc/systemd/system/ |
File size: | 59912 bytes |
MD5 hash: | 85642a6e6b43fa5b4177f69df37f3ba3 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "chmod 777 /etc/rc.local" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/chmod |
Arguments: | chmod 777 /etc/rc.local |
File size: | 55816 bytes |
MD5 hash: | a3c9079943bd39eee11caecec425e36e |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "/tmp/ijxeqyXNc4 d 5432" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | /tmp/ijxeqyXNc4 d 5432 |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c ifconfig |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/sbin/ifconfig |
Arguments: | ifconfig |
File size: | 79024 bytes |
MD5 hash: | 53aa4bb01899b4d5020230af1a3d5e8b |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:25 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c dmidecode |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/sbin/dmidecode |
Arguments: | dmidecode |
File size: | 121840 bytes |
MD5 hash: | f030dde9ad21d7fa298fae2a2286a1c7 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "cat /etc/issue" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/cat |
Arguments: | cat /etc/issue |
File size: | 35288 bytes |
MD5 hash: | bad083817ee6cf28643668a67fce3f4e |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /tmp/ijxeqyXNc4 |
Arguments: | - |
File size: | 261344 bytes |
MD5 hash: | 8138f1af1dc51cde924aa2360f12d650 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | sh -c "getconf LONG_BIT" |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /bin/sh |
Arguments: | - |
File size: | 125688 bytes |
MD5 hash: | 7409ae3f7b10e059ee70d9079c94b097 |
Start time (UTC): | 09:14:26 |
Start date (UTC): | 10/04/2024 |
Path: | /usr/bin/getconf |
Arguments: | getconf LONG_BIT |
File size: | 35112 bytes |
MD5 hash: | 419753c9d341f1e7aa8451dea9441fd9 |