Edit tour
Linux
Analysis Report
criptonize.arc700.elf
Overview
General Information
| Sample name: | criptonize.arc700.elf |
| Analysis ID: | 1500283 |
| MD5: | 922797db0e0e3ef07b7d56948c7c9df9 |
| SHA1: | 19abfa4c86ae3544960c0e0e649971a3f6849455 |
| SHA256: | 1cd93e1c674d08f1f28eab3b06a564674f60712c264ba60e8b7e2da8e2ec9d41 |
| Tags: | criptonizeelf |
Errors
| |
Detection
| Score: | 0 |
| Range: | 0 - 100 |
| Whitelisted: | false |
Signatures
Sample has stripped symbol table
Classification
| Joe Sandbox version: | 40.0.0 Tourmaline |
| Analysis ID: | 1500283 |
| Start date and time: | 2024-08-28 07:28:51 +02:00 |
| Joe Sandbox product: | CloudBasic |
| Overall analysis duration: | 0h 4m 32s |
| Hypervisor based Inspection enabled: | false |
| Report type: | full |
| Cookbook file name: | defaultlinuxfilecookbook.jbs |
| Analysis system description: | Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11) |
| Analysis Mode: | default |
| Sample name: | criptonize.arc700.elf |
| Detection: | UNKNOWN |
| Classification: | unknown0.linELF@0/0@0/0 |
- No process behavior to analyse as no analysis process or sample was found
| Command: | /tmp/criptonize.arc700.elf |
| PID: | 5478 |
| Exit Code: | 255 |
| Exit Code Info: | |
| Killed: | False |
| Standard Output: | |
| Standard Error: |
⊘No yara matches
⊘No Suricata rule has matched
Click to jump to signature section
Show All Signature Results
There are no malicious signatures, click here to show all signatures.
| Source: | .symtab present: | ||
| Source: | Classification label: | ||
⊘No Mitre Att&ck techniques found
⊘No configs have been found
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No Antivirus matches
⊘No created / dropped files found
| File type: | |
| Entropy (8bit): | 6.369023213755074 |
| TrID: |
|
| File name: | criptonize.arc700.elf |
| File size: | 132'584 bytes |
| MD5: | 922797db0e0e3ef07b7d56948c7c9df9 |
| SHA1: | 19abfa4c86ae3544960c0e0e649971a3f6849455 |
| SHA256: | 1cd93e1c674d08f1f28eab3b06a564674f60712c264ba60e8b7e2da8e2ec9d41 |
| SHA512: | 3cd4a36b60244ba2e8619a0e5c879040f5e927bcd67e0c6dff3c70f61be7f05dcff854daf813517afce40ff92f79a48a5ae447f64a1a3ceab53e83bf2cf4e28b |
| SSDEEP: | 3072:2kEOX/ohDPd99g38xOMdIOtdqTaQCwhgBCUuqYYFHNq:bCdDgMxO0v0/X+CUvYgq |
| TLSH: | 00D3AEABB20F1461C82507F51BCF9B6D2A2325018D6B92E77D5E373F2A335EA58053D2 |
| File Content Preview: | .ELF..............].........4...h.......4. ...(..................... ... ........ .......................`....... ..................................................................Q.td....................................................................... |
ELF header | |
|---|---|
| Class: | |
| Data: | |
| Version: | |
| Machine: | |
| Version Number: | |
| Type: | |
| OS/ABI: | |
| ABI Version: | 0 |
| Entry Point Address: | |
| Flags: | |
| ELF Header Size: | 52 |
| Program Header Offset: | 52 |
| Program Header Size: | 32 |
| Number of Program Headers: | 5 |
| Section Header Offset: | 131944 |
| Section Header Size: | 40 |
| Number of Section Headers: | 16 |
| Header String Table Index: | 15 |
| Name | Type | Address | Offset | Size | EntSize | Flags | Flags Description | Link | Info | Align |
|---|---|---|---|---|---|---|---|---|---|---|
| NULL | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0 | 0 | 0 | ||
| .init | PROGBITS | 0x10114 | 0x114 | 0x22 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
| .text | PROGBITS | 0x10138 | 0x138 | 0x15088 | 0x0 | 0x6 | AX | 0 | 0 | 4 |
| .fini | PROGBITS | 0x251c0 | 0x151c0 | 0x16 | 0x0 | 0x6 | AX | 0 | 0 | 1 |
| .rodata | PROGBITS | 0x251d8 | 0x151d8 | 0x7f58 | 0x0 | 0x2 | A | 0 | 0 | 4 |
| .eh_frame | PROGBITS | 0x2d130 | 0x1d130 | 0x11f0 | 0x0 | 0x2 | A | 0 | 0 | 4 |
| .tdata | PROGBITS | 0x31fd0 | 0x1ffd0 | 0x4 | 0x0 | 0x403 | WAT | 0 | 0 | 4 |
| .tbss | NOBITS | 0x31fd4 | 0x1ffd4 | 0x8 | 0x0 | 0x403 | WAT | 0 | 0 | 4 |
| .fini_array | FINI_ARRAY | 0x31fd4 | 0x1ffd4 | 0x4 | 0x4 | 0x3 | WA | 0 | 0 | 4 |
| .ctors | PROGBITS | 0x31fd8 | 0x1ffd8 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
| .dtors | PROGBITS | 0x31fe0 | 0x1ffe0 | 0x8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
| .got | PROGBITS | 0x31fe8 | 0x1ffe8 | 0x14 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
| .data | PROGBITS | 0x32008 | 0x20008 | 0x2b8 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
| .bss | NOBITS | 0x322c0 | 0x202c0 | 0x5dc4 | 0x0 | 0x3 | WA | 0 | 0 | 4 |
| .ARC.attributes | <unknown> | 0x0 | 0x202c0 | 0x32 | 0x0 | 0x0 | 0 | 0 | 1 | |
| .shstrtab | STRTAB | 0x0 | 0x202f2 | 0x76 | 0x0 | 0x0 | 0 | 0 | 1 |
| Type | Offset | Virtual Address | Physical Address | File Size | Memory Size | Entropy | Flags | Flags Description | Align | Prog Interpreter | Section Mappings |
|---|---|---|---|---|---|---|---|---|---|---|---|
| LOAD | 0x0 | 0x10000 | 0x10000 | 0x1e320 | 0x1e320 | 6.6312 | 0x5 | R E | 0x2000 | .init .text .fini .rodata .eh_frame | |
| LOAD | 0x1ffd0 | 0x31fd0 | 0x31fd0 | 0x2f0 | 0x60b4 | 3.6801 | 0x6 | RW | 0x2000 | .tdata .tbss .fini_array .ctors .dtors .got .data .bss | |
| NOTE | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x4 | R | 0x4 | ||
| TLS | 0x1ffd0 | 0x31fd0 | 0x31fd0 | 0x4 | 0xc | 2.0000 | 0x4 | R | 0x4 | .tdata .tbss | |
| GNU_STACK | 0x0 | 0x0 | 0x0 | 0x0 | 0x0 | 0.0000 | 0x6 | RW | 0x4 |
⊘No network behavior found