Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
sshd.elf

Overview

General Information

Sample name:sshd.elf
Analysis ID:1544950
MD5:6ee0f00a2b7666dfff2975977f5931f3
SHA1:a69336d0f3c9b1f98231998d818c8dd87195eeac
SHA256:f3284261954c3fad15161ebfb935d89c6894a8cc59749693d665ad5864aada87
Tags:elfuser-abuse_ch
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false

Signatures

Multi AV Scanner detection for submitted file
Contains symbols related to standard C library sleeps (sometimes used to evade sandboxing)
Sample contains strings that are potentially command strings
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1544950
Start date and time:2024-10-29 22:12:08 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 10m 27s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:sshd.elf
Detection:MAL
Classification:mal48.linELF@0/0@2/0
Cookbook Comments:
  • Analysis time extended to 480s due to sleep detection in submitted sample

Warnings

  • VT rate limit hit for: sshd.elf

Runtime Messages

Command:/tmp/sshd.elf
PID:5430
Exit Code:255
Exit Code Info:
Killed:False
Standard Output:

Standard Error:/lib/ld-linux-armhf.so.3: No such file or directory

Process Tree

  • system is lnxubuntu20
  • sshd.elf (PID: 5430, Parent: 5357, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/sshd.elf
  • cleanup

Yara Signatures

No yara matches

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: sshd.elfReversingLabs: Detection: 21%
Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
Source: sshd.elfELF static info symbol of initial sample: freeaddrinfo
Source: sshd.elfELF static info symbol of initial sample: gai_strerror
Source: sshd.elfELF static info symbol of initial sample: getaddrinfo
Source: sshd.elfELF static info symbol of initial sample: getnameinfo
Source: sshd.elfString found in binary or memory: http://www.openssl.org/support/faq.html
Source: sshd.elfString found in binary or memory: http://www.openssl.org/support/faq.htmlmd_rand.c
Source: Initial samplePotential command found: ssh server is locked, please try again %dmin after !!!
Source: Initial samplePotential command found: X11 forwarding
Source: Initial samplePotential command found: X11 forwarding disabled in user configuration file.
Source: Initial samplePotential command found: X11 forwarding disabled in server configuration file.
Source: Initial samplePotential command found: X11 display already set.
Source: Initial samplePotential command found: X11 connection requested.
Source: Initial samplePotential command found: X11 connection from %.200s port %d
Source: Initial samplePotential command found: X11 connection rejected because of wrong authentication.
Source: Initial samplePotential command found: X11 rejected %d i%d/o%d
Source: Initial samplePotential command found: X11 closed %d i%d/o%d
Source: Initial samplePotential command found: X11 inet listener
Source: Initial samplePotential command found: X11 connection uses different authentication protocol.
Source: Initial samplePotential command found: X11 auth data does not match fake data.
Source: Initial samplePotential command found: X11 fake_data_len %d != saved_data_len %d
Source: ELF static info symbol of initial sample.symtab present: no
Source: classification engineClassification label: mal48.linELF@0/0@2/0
Source: ELF symbol in initial sampleSymbol name: usleep
Source: /tmp/sshd.elf (PID: 5430)Queries kernel information via 'uname': Jump to behavior
Source: sshd.elf, 5430.1.00007fff74d18000.00007fff74d39000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/sshd.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/sshd.elf
Source: sshd.elf, 5430.1.00007fff74d18000.00007fff74d39000.rw-.sdmpBinary or memory string: qemu: %s: %s
Source: sshd.elf, 5430.1.00007fff74d18000.00007fff74d39000.rw-.sdmpBinary or memory string: leqemu: %s: %s
Source: sshd.elf, 5430.1.0000562238c22000.0000562238d50000.rw-.sdmpBinary or memory string: 8"V!/etc/qemu-binfmt/arm
Source: sshd.elf, 5430.1.0000562238c22000.0000562238d50000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
Source: sshd.elf, 5430.1.00007fff74d18000.00007fff74d39000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
Source: sshd.elf, 5430.1.0000562238c22000.0000562238d50000.rw-.sdmpBinary or memory string: 8"Vrg.qemu.gdb.arm.sys.regs">
Source: sshd.elf, 5430.1.0000562238c22000.0000562238d50000.rw-.sdmpBinary or memory string: rg.qemu.gdb.arm.sys.regs">

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Command and Scripting Interpreter		Path InterceptionPath Interception1
Virtualization/Sandbox Evasion		OS Credential Dumping11
Security Software Discovery		Remote ServicesData from Local System1
Non-Application Layer Protocol		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS Memory1
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable Media1
Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
sshd.elf21%ReversingLabsLinux.Trojan.SSHDoor

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

SourceDetectionScannerLabelLink
http://www.openssl.org/support/faq.html0%URL Reputationsafe

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
daisy.ubuntu.com
162.213.35.25
truefalse
    		unknown

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://www.openssl.org/support/faq.htmlmd_rand.csshd.elffalse
      		unknown
      http://www.openssl.org/support/faq.htmlsshd.elffalse
      • URL Reputation: safe
      		unknown

      World Map of Contacted IPs

      No contacted IP infos

      Joe Sandbox View / Context

      IPs

      No context

      Domains

      MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
      daisy.ubuntu.combelks.arm.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.24
      belks.arm6.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.25
      belks.arm5.elfGet hashmaliciousUnknownBrowse
      • 162.213.35.24
      belks.arm7.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.25
      belks.mips.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.24
      belks.sh4.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.24
      belks.ppc.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.25
      5.elfGet hashmaliciousUnknownBrowse
      • 162.213.35.24
      arm6.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.25
      arm7.elfGet hashmaliciousMiraiBrowse
      • 162.213.35.24

      ASNs

      No context

      JA3 Fingerprints

      No context

      Dropped Files

      No context

      Created / dropped Files

      No created / dropped files found

      Static File Info

      General

      File type:ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 3.2.0, stripped
      Entropy (8bit):6.236010302029274
      TrID:
      • ELF Executable and Linkable format (generic) (4004/1) 100.00%
      File name:sshd.elf
      File size:1'110'304 bytes
      MD5:6ee0f00a2b7666dfff2975977f5931f3
      SHA1:a69336d0f3c9b1f98231998d818c8dd87195eeac
      SHA256:f3284261954c3fad15161ebfb935d89c6894a8cc59749693d665ad5864aada87
      SHA512:43e31b7d2c80fd92bb0f6be4fc6875b2b5e652120ba0034f753377bca5f9bd7d5e0bb16ac2f426b9f57d8c6b0bc6d551f1aa8cfb87f7b9679eb05e59c1cdcc9e
      SSDEEP:12288:E8dASOYRNCAJump208iJftl7zunSrlcaUxQ5TVFQGl9eLtRajZa6ZTxIVD7bLv:E8dbbsOP8+TfgRinIVvv
      TLSH:40356D56F9808EA2C5D8177BF75D835833134B78D7DEB102CD08672877AB95A0E3B982
      File Content Preview:.ELF..............(......d..4...p.......4. ...(........p\...\...\.......................4...4...4... ... ...............T...T...T...................................h...h...........................0....m..........................(...(...............p...p..

      Static ELF Info

      ELF header

      Class:ELF32
      Data:2's complement, little endian
      Version:1 (current)
      Machine:ARM
      Version Number:0x1
      Type:EXEC (Executable file)
      OS/ABI:UNIX - System V
      ABI Version:0
      Entry Point Address:0x164f4
      Flags:0x5000400
      ELF Header Size:52
      Program Header Offset:52
      Program Header Size:32
      Number of Program Headers:9
      Section Header Offset:1109104
      Section Header Size:40
      Number of Section Headers:30
      Header String Table Index:29

      Sections

      NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
      NULL0x00x00x00x00x0000
      .interpPROGBITS0x101540x1540x190x00x2A001
      .note.ABI-tagNOTE0x101700x1700x200x00x2A004
      .hashHASH0x101900x1900x7380x40x2A504
      .gnu.hashGNU_HASH0x108c80x8c80x8300x40x2A504
      .dynsymDYNSYM0x110f80x10f80x10700x100x2A614
      .dynstrSTRTAB0x121680x21680x90e0x00x2A001
      .gnu.versionVERSYM0x12a760x2a760x20e0x20x2A502
      .gnu.version_rVERNEED0x12c840x2c840xe00x00x2A644
      .rel.dynREL0x12d640x2d640x380x80x2A504
      .rel.pltREL0x12d9c0x2d9c0x7680x80x42AI5224
      .initPROGBITS0x135040x35040xc0x00x6AX004
      .pltPROGBITS0x135100x35100xb300x40x6AX004
      .textPROGBITS0x140400x40400xb55940x00x6AX008
      .finiPROGBITS0xc95d40xb95d40x80x00x6AX004
      .rodataPROGBITS0xc95e00xb95e00x53f7c0x00x2A008
      .ARM.exidxARM_EXIDX0x11d55c0x10d55c0x80x00x82AL1304
      .eh_framePROGBITS0x11d5640x10d5640x40x00x2A004
      .init_arrayINIT_ARRAY0x12deb40x10deb40x40x40x3WA004
      .fini_arrayFINI_ARRAY0x12deb80x10deb80x40x40x3WA004
      .data.rel.roPROGBITS0x12debc0x10debc0x1c0x00x3WA004
      .dynamicDYNAMIC0x12ded80x10ded80x1280x80x3WA604
      .gotPROGBITS0x12e0000x10e0000x3d40x40x3WA004
      .dataPROGBITS0x12e3d40x10e3d40x6100x00x3WA004
      .bssNOBITS0x12e9e80x10e9e40x62600x00x3WA008
      .commentPROGBITS0x00x10e9e40x550x10x30MS001
      .ARM.attributesARM_ATTRIBUTES0x00x10ea390x350x00x0001
      .miscpathPROGBITS0x00x10ea6e0x00x00x0001
      .dhsecPROGBITS0x00x10ea6e0x1000x00x0001
      .shstrtabSTRTAB0x00x10eb6e0x1000x00x0001

      Program Segments

      TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
      EXIDX0x10d55c0x11d55c0x11d55c0x80x82.40560x4R 0x4.ARM.exidx
      PHDR0x340x100340x100340x1200x1202.80010x4R 0x4
      INTERP0x1540x101540x101540x190x194.13370x4R 0x1/lib/ld-linux-armhf.so.3.interp
      LOAD0x00x100000x100000x10d5680x10d5686.24890x5R E0x10000.interp .note.ABI-tag .hash .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .ARM.exidx .eh_frame
      LOAD0x10deb40x12deb40x12deb40xb300x6d943.73170x6RW 0x10000.init_array .fini_array .data.rel.ro .dynamic .got .data .bss
      DYNAMIC0x10ded80x12ded80x12ded80x1280x1282.68160x6RW 0x4.dynamic
      NOTE0x1700x101700x101700x200x201.56130x4R 0x4.note.ABI-tag
      GNU_STACK0x00x00x00x00x00.00000x6RW 0x10
      GNU_RELRO0x10deb40x12deb40x12deb40x14c0x14c3.01430x4R 0x1.init_array .fini_array .data.rel.ro .dynamic

      Dynamic Tags

      TypeMetaValueTag
      DT_NEEDEDsharedliblibrt.so.10x1
      DT_NEEDEDsharedliblibdl.so.20x1
      DT_NEEDEDsharedliblibutil.so.10x1
      DT_NEEDEDsharedliblibcrypt.so.10x1
      DT_NEEDEDsharedliblibresolv.so.20x1
      DT_NEEDEDsharedliblibz.so.10x1
      DT_NEEDEDsharedliblibm.so.60x1
      DT_NEEDEDsharedliblibc.so.60x1
      DT_INITvalue0x135040xc
      DT_FINIvalue0xc95d40xd
      DT_INIT_ARRAYvalue0x12deb40x19
      DT_INIT_ARRAYSZbytes40x1b
      DT_FINI_ARRAYvalue0x12deb80x1a
      DT_FINI_ARRAYSZbytes40x1c
      DT_HASHvalue0x101900x4
      DT_GNU_HASHvalue0x108c80x6ffffef5
      DT_STRTABvalue0x121680x5
      DT_SYMTABvalue0x110f80x6
      DT_STRSZbytes23180xa
      DT_SYMENTbytes160xb
      DT_DEBUGvalue0x00x15
      DT_PLTGOTvalue0x12e0000x3
      DT_PLTRELSZbytes18960x2
      DT_PLTRELpltrelDT_REL0x14
      DT_JMPRELvalue0x12d9c0x17
      DT_RELvalue0x12d640x11
      DT_RELSZbytes560x12
      DT_RELENTbytes80x13
      DT_VERNEEDvalue0x12c840x6ffffffe
      DT_VERNEEDNUMvalue40x6fffffff
      DT_VERSYMvalue0x12a760x6ffffff0
      DT_NULLvalue0x00x0

      Symbols

      NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
      .dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
      _ITM_deregisterTMCloneTable.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
      _ITM_registerTMCloneTable.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
      __assert_failGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __b64_ntop.dynsym0x655f8284FUNC<unknown>DEFAULT13
      __b64_pton.dynsym0x65714472FUNC<unknown>DEFAULT13
      __ctype_b_locGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __ctype_tolower_locGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __environGLIBC_2.4libc.so.6.dynsym0x12e9ec4OBJECT<unknown>DEFAULT24
      __errno_locationGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __explicit_bzero_chkGLIBC_2.25libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __fprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __fxstatGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __fxstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __gmon_start__.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
      __isoc99_sscanfGLIBC_2.7libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __libc_start_mainGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __lxstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __memcpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __memmove_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __memset_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __poll_chkGLIBC_2.16libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __printf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __prognameGLIBC_2.4libc.so.6.dynsym0x12e9e84OBJECT<unknown>DEFAULT24
      __read_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __realpath_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __snprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __sprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __strcat_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __strcpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __strncpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __syslog_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __vasprintf_chkGLIBC_2.8libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __vsnprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      __xstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      _exitGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      abortGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      acceptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      accessGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      alarmGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      atoiGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      bindGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      callocGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      cfsetispeedGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      cfsetospeedGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      chdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      chmodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      chownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      chrootGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      clock_gettimeGLIBC_2.4librt.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      closeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      closedirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      closelogGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      connectGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      cryptGLIBC_2.4libcrypt.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ctimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      daemonGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      deflate.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      deflateEnd.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      deflateInit_.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      dirfdGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      dirnameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      dupGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      dup2GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      endgrentGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      endpwent.dynsym0xc7f8840FUNC<unknown>DEFAULT13
      environGLIBC_2.4libc.so.6.dynsym0x12e9ec4OBJECT<unknown>DEFAULT24
      error.dynsym0x3f2c444FUNC<unknown>DEFAULT13
      execlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      execvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      execveGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      exitGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fchmodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fchownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fcloseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fcntl64GLIBC_2.28libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fdopenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      feofGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ferrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fflushGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fgetcGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fgetpwent_r.dynsym0xc79cc52FUNC<unknown>DEFAULT13
      fgetsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      filenoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      flockGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fopenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fopen64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      forkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fputcGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fputsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      freadGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      freeGLIBC_2.4libc.so.6.dynsym0x138e40FUNC<unknown>DEFAULTSHN_UNDEF
      freeaddrinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fscanfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fseekGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fstatvfs64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fsyncGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ftellGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ftruncate64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      futimesGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      fwriteGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      gai_strerrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getaddrinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getcwdGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getegidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      geteuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getgrgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getgrnamGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getgrouplistGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      gethostnameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getnameinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getpeernameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getpgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getpidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getppidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getpw.dynsym0xc7ee4140FUNC<unknown>DEFAULT13
      getpwentGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getpwent_r.dynsym0xc7fb0144FUNC<unknown>DEFAULT13
      getpwnam.dynsym0xc7e7c52FUNC<unknown>DEFAULT13
      getpwnam_r.dynsym0xc7adc168FUNC<unknown>DEFAULT13
      getpwuid.dynsym0xc7e1452FUNC<unknown>DEFAULT13
      getpwuid_r.dynsym0xc7cd4160FUNC<unknown>DEFAULT13
      getsidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getsocknameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getsockoptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getspnamGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      gettimeofdayGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      getuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      inet_ntoaGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      inet_ntopGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      inflate.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      inflateEnd.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      inflateInit_.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      initgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      innetgrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ioctlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      isspaceGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      killGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      linkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      listenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      localtimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      localtime_rGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      loginGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      logoutGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      logwtmpGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      lseek64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      mallocGLIBC_2.4libc.so.6.dynsym0x13c440FUNC<unknown>DEFAULTSHN_UNDEF
      memchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      memcmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      memcpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      memmoveGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      memsetGLIBC_2.4libc.so.6.dynsym0x138000FUNC<unknown>DEFAULTSHN_UNDEF
      mkdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      mkdtemp.dynsym0x66ea036FUNC<unknown>DEFAULT13
      mkstemp64.dynsym0x66e8c12FUNC<unknown>DEFAULT13
      mkstemps64.dynsym0x66e988FUNC<unknown>DEFAULT13
      openGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      open64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      opendirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      openlogGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      openptyGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      pcloseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      perrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      pipeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      pollGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      popenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      prctlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      printfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      putcharGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      putpwent.dynsym0xc8310112FUNC<unknown>DEFAULT13
      putsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      qsortGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      raiseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      randGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      readGLIBC_2.4libc.so.6.dynsym0x138fc0FUNC<unknown>DEFAULTSHN_UNDEF
      readdir64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      readlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      reallocGLIBC_2.4libc.so.6.dynsym0x13ed80FUNC<unknown>DEFAULTSHN_UNDEF
      reallocarrayGLIBC_2.26libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      recvmsgGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      removeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      renameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      rewindGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      rmdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      selectGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sendmsgGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setegidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      seteuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setlogin.dynsym0x653d88FUNC<unknown>DEFAULT13
      setpwent.dynsym0xc7f7024FUNC<unknown>DEFAULT13
      setresgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setresuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setrlimit64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setsidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setsockoptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      setuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      shutdownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sigactionGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sigaddsetGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sigemptysetGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      signalGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sigprocmaskGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      snprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      socketGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      socketpairGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      srandGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sscanfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      statvfs64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      stderrGLIBC_2.4libc.so.6.dynsym0x12e9f84OBJECT<unknown>DEFAULT24
      stdinGLIBC_2.4libc.so.6.dynsym0x12e9f04OBJECT<unknown>DEFAULT24
      stdoutGLIBC_2.4libc.so.6.dynsym0x12e9f44OBJECT<unknown>DEFAULT24
      strcasecmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strcmpGLIBC_2.4libc.so.6.dynsym0x13fbc0FUNC<unknown>DEFAULTSHN_UNDEF
      strcpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strcspnGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strdupGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strerrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strftimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strlenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strncasecmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strncmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strncpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strpbrkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strrchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strsepGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strspnGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strstrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtokGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtok_rGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtolGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtollGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      strtoulGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      symlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      syscallGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sysconfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      sysinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      systemGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      tcgetattrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      tcsendbreakGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      tcsetattrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      timeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      truncate64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      ttynameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      umaskGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      uncompress.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      unlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      unsetenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      usleepGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      utimesGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      vfprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      vsnprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      waitpidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
      writeGLIBC_2.4libc.so.6.dynsym0x139080FUNC<unknown>DEFAULTSHN_UNDEF

      Network Behavior

      Network Port Distribution

      UDP Packets

      TimestampSource PortDest PortSource IPDest IP
      Oct 29, 2024 22:15:43.646130085 CET4227553192.168.2.138.8.8.8
      Oct 29, 2024 22:15:43.646177053 CET6029253192.168.2.138.8.8.8
      Oct 29, 2024 22:15:43.653573990 CET53602928.8.8.8192.168.2.13
      Oct 29, 2024 22:15:43.654369116 CET53422758.8.8.8192.168.2.13

      DNS Queries

      TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
      Oct 29, 2024 22:15:43.646130085 CET192.168.2.138.8.8.80xfbbdStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
      Oct 29, 2024 22:15:43.646177053 CET192.168.2.138.8.8.80x2c69Standard query (0)daisy.ubuntu.com28IN (0x0001)false

      DNS Answers

      TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
      Oct 29, 2024 22:15:43.654369116 CET8.8.8.8192.168.2.130xfbbdNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
      Oct 29, 2024 22:15:43.654369116 CET8.8.8.8192.168.2.130xfbbdNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false

      System Behavior

      General

      Start time (UTC):21:12:56
      Start date (UTC):29/10/2024
      Path:/tmp/sshd.elf
      Arguments:/tmp/sshd.elf
      File size:4956856 bytes
      MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

      Chronological Activities