Joe Sandbox Cloud Basic Analysis Report

Loading Joe Sandbox Report ...

Edit tour

Linux Analysis Report
sshd.elf

Overview

General Information

Sample name:sshd.elf
Analysis ID:1562365
MD5:8e03d921245f9f32ae3b92ed20a5d5e8
SHA1:6eee8855223cdf5109a1f2e51a6231888f4c5595
SHA256:3a2001a431bba6d552f43f6deeaabdcd222cd4bcbef4dd03b916fe9cddeda8a7
Tags:elfuser-abuse_ch
Infos:

Detection

Score:48
Range:0 - 100
Whitelisted:false

Signatures

Multi AV Scanner detection for submitted file
Contains symbols related to standard C library sleeps (sometimes used to evade sandboxing)
Sample contains strings that are potentially command strings
Sample has stripped symbol table
Uses the "uname" system call to query kernel version information (possible evasion)

Classification

General Information

Joe Sandbox version:41.0.0 Charoite
Analysis ID:1562365
Start date and time:2024-11-25 14:41:10 +01:00
Joe Sandbox product:CloudBasic
Overall analysis duration:0h 10m 21s
Hypervisor based Inspection enabled:false
Report type:full
Cookbook file name:defaultlinuxfilecookbook.jbs
Analysis system description:Ubuntu Linux 20.04 x64 (Kernel 5.4.0-72, Firefox 91.0, Evince Document Viewer 3.36.10, LibreOffice 6.4.7.2, OpenJDK 11.0.11)
Analysis Mode:default
Sample name:sshd.elf
Detection:MAL
Classification:mal48.linELF@0/0@2/0
Cookbook Comments:
  • Analysis time extended to 480s due to sleep detection in submitted sample

Warnings

  • VT rate limit hit for: sshd.elf

Runtime Messages

Command:/tmp/sshd.elf
PID:5487
Exit Code:255
Exit Code Info:
Killed:False
Standard Output:

Standard Error:/lib/ld-linux-armhf.so.3: No such file or directory

Process Tree

  • system is lnxubuntu20
  • sshd.elf (PID: 5487, Parent: 5413, MD5: 5ebfcae4fe2471fcc5695c2394773ff1) Arguments: /tmp/sshd.elf
  • cleanup

Yara Signatures

No yara matches

Suricata Signatures

No Suricata rule has matched

Joe Sandbox Signatures

Click to jump to signature section

Show All Signature Results

AV Detection

barindex
Multi AV Scanner detection for submitted file
Source: sshd.elfReversingLabs: Detection: 26%
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: unknownUDP traffic detected without corresponding DNS query: 1.1.1.1
Source: global trafficDNS traffic detected: DNS query: daisy.ubuntu.com
Source: sshd.elfELF static info symbol of initial sample: freeaddrinfo
Source: sshd.elfELF static info symbol of initial sample: gai_strerror
Source: sshd.elfELF static info symbol of initial sample: getaddrinfo
Source: sshd.elfELF static info symbol of initial sample: getnameinfo
Source: sshd.elfString found in binary or memory: http://www.openssl.org/support/faq.html
Source: sshd.elfString found in binary or memory: http://www.openssl.org/support/faq.htmlmd_rand.c
Source: Initial samplePotential command found: ssh server is locked, please try again %dmin after !!!
Source: Initial samplePotential command found: X11 forwarding
Source: Initial samplePotential command found: X11 forwarding disabled in user configuration file.
Source: Initial samplePotential command found: X11 forwarding disabled in server configuration file.
Source: Initial samplePotential command found: X11 display already set.
Source: Initial samplePotential command found: X11 connection requested.
Source: Initial samplePotential command found: X11 connection from %.200s port %d
Source: Initial samplePotential command found: X11 connection rejected because of wrong authentication.
Source: Initial samplePotential command found: X11 rejected %d i%d/o%d
Source: Initial samplePotential command found: X11 closed %d i%d/o%d
Source: Initial samplePotential command found: X11 inet listener
Source: Initial samplePotential command found: X11 connection uses different authentication protocol.
Source: Initial samplePotential command found: X11 auth data does not match fake data.
Source: Initial samplePotential command found: X11 fake_data_len %d != saved_data_len %d
Source: ELF static info symbol of initial sample.symtab present: no
Source: classification engineClassification label: mal48.linELF@0/0@2/0
Source: ELF symbol in initial sampleSymbol name: usleep
Source: /tmp/sshd.elf (PID: 5487)Queries kernel information via 'uname': Jump to behavior
Source: sshd.elf, 5487.1.00007ffe590da000.00007ffe590fb000.rw-.sdmpBinary or memory string: x86_64/usr/bin/qemu-arm/tmp/sshd.elfSUDO_USER=saturninoPATH=/usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin:/snap/binDISPLAY=:1.0XAUTHORITY=/run/user/1000/gdm/XauthoritySUDO_UID=1000TERM=xterm-256colorCOLORTERM=truecolorLOGNAME=rootUSER=rootLANG=en_US.UTF-8SUDO_COMMAND=/bin/bashHOME=/rootMAIL=/var/mail/rootSUDO_GID=1000SHELL=/bin/bash/tmp/sshd.elf
Source: sshd.elf, 5487.1.000055d327fc2000.000055d3280f0000.rw-.sdmpBinary or memory string: U!/etc/qemu-binfmt/arm
Source: sshd.elf, 5487.1.00007ffe590da000.00007ffe590fb000.rw-.sdmpBinary or memory string: qemu: %s: %s
Source: sshd.elf, 5487.1.00007ffe590da000.00007ffe590fb000.rw-.sdmpBinary or memory string: leqemu: %s: %s
Source: sshd.elf, 5487.1.000055d327fc2000.000055d3280f0000.rw-.sdmpBinary or memory string: Urg.qemu.gdb.arm.sys.regs">
Source: sshd.elf, 5487.1.000055d327fc2000.000055d3280f0000.rw-.sdmpBinary or memory string: /etc/qemu-binfmt/arm
Source: sshd.elf, 5487.1.00007ffe590da000.00007ffe590fb000.rw-.sdmpBinary or memory string: /usr/bin/qemu-arm
Source: sshd.elf, 5487.1.000055d327fc2000.000055d3280f0000.rw-.sdmpBinary or memory string: rg.qemu.gdb.arm.sys.regs">

Mitre Att&ck Matrix

ReconnaissanceResource DevelopmentInitial AccessExecutionPersistencePrivilege EscalationDefense EvasionCredential AccessDiscoveryLateral MovementCollectionCommand and ControlExfiltrationImpact
Gather Victim Identity InformationAcquire InfrastructureValid Accounts1
Command and Scripting Interpreter		Path InterceptionPath Interception1
Virtualization/Sandbox Evasion		OS Credential Dumping11
Security Software Discovery		Remote ServicesData from Local System1
Non-Application Layer Protocol		Exfiltration Over Other Network MediumAbuse Accessibility Features
CredentialsDomainsDefault AccountsScheduled Task/JobBoot or Logon Initialization ScriptsBoot or Logon Initialization ScriptsRootkitLSASS Memory1
Virtualization/Sandbox Evasion		Remote Desktop ProtocolData from Removable Media1
Application Layer Protocol		Exfiltration Over BluetoothNetwork Denial of Service

Malware Configuration

No configs have been found

Behavior Graph

Hide Legend

Legend:

  • Process
  • Signature
  • Created File
  • DNS/IP Info
  • Is Dropped
  • Number of created Files
  • Is malicious
  • Internet

Antivirus, Machine Learning and Genetic Malware Detection

Initial Sample

SourceDetectionScannerLabelLink
sshd.elf26%ReversingLabsLinux.Trojan.SSHDoor

Dropped Files

No Antivirus matches

Domains

No Antivirus matches

URLs

No Antivirus matches

Domains and IPs

Contacted Domains

NameIPActiveMaliciousAntivirus DetectionReputation
daisy.ubuntu.com
162.213.35.25
truefalse
    		high

    URLs from Memory and Binaries

    NameSourceMaliciousAntivirus DetectionReputation
    http://www.openssl.org/support/faq.htmlmd_rand.csshd.elffalse
      		high
      http://www.openssl.org/support/faq.htmlsshd.elffalse
        		high

        World Map of Contacted IPs

        No contacted IP infos

        Joe Sandbox View / Context

        IPs

        No context

        Domains

        MatchAssociated Sample Name / URLSHA 256DetectionThreat NameLinkContext
        daisy.ubuntu.comloligang.arm5.elfGet hashmaliciousMiraiBrowse
        • 162.213.35.24
        Mozi.m.elfGet hashmaliciousUnknownBrowse
        • 162.213.35.24
        loligang.arm6.elfGet hashmaliciousMiraiBrowse
        • 162.213.35.24
        sshd.elfGet hashmaliciousUnknownBrowse
        • 162.213.35.25
        pXdN91.armv4l.elfGet hashmaliciousMirai, GafgytBrowse
        • 162.213.35.24
        pXdN91.sh4.elfGet hashmaliciousMirai, GafgytBrowse
        • 162.213.35.24
        pXdN91.mipsel.elfGet hashmaliciousMirai, GafgytBrowse
        • 162.213.35.24
        pXdN91.x68.elfGet hashmaliciousMirai, GafgytBrowse
        • 162.213.35.24
        apep.mpsl.elfGet hashmaliciousMiraiBrowse
        • 162.213.35.24
        apep.spc.elfGet hashmaliciousMiraiBrowse
        • 162.213.35.25

        ASNs

        No context

        JA3 Fingerprints

        No context

        Dropped Files

        No context

        Created / dropped Files

        No created / dropped files found

        Static File Info

        General

        File type:ELF 32-bit LSB executable, ARM, EABI5 version 1 (SYSV), dynamically linked, interpreter /lib/ld-linux-armhf.so.3, for GNU/Linux 3.2.0, stripped
        Entropy (8bit):6.236012987747686
        TrID:
        • ELF Executable and Linkable format (generic) (4004/1) 100.00%
        File name:sshd.elf
        File size:1'110'304 bytes
        MD5:8e03d921245f9f32ae3b92ed20a5d5e8
        SHA1:6eee8855223cdf5109a1f2e51a6231888f4c5595
        SHA256:3a2001a431bba6d552f43f6deeaabdcd222cd4bcbef4dd03b916fe9cddeda8a7
        SHA512:43de1707444ac46a9a2045d6eac13bdb775234467cdebf51dac27392853257b28c49f490a16fc746e34bd20ff893d02a502ebdf06a0beb5d6201ab8a1b63dd56
        SSDEEP:12288:E8dASOYRNCAJump208iJftl7zmnSrlcaUxQ5TVFQGl9eLtRajZa6BTxIVD7bLv:E8dbbsO38+TfgRiPIVvv
        TLSH:75356D56F9808EA2C5D8177BF75D835833134B78D7DEB102CD08672877AB95A0E3B982
        File Content Preview:.ELF..............(......d..4...p.......4. ...(........p\...\...\.......................4...4...4... ... ...............T...T...T...................................h...h...........................0....m..........................(...(...............p...p..

        Static ELF Info

        ELF header

        Class:ELF32
        Data:2's complement, little endian
        Version:1 (current)
        Machine:ARM
        Version Number:0x1
        Type:EXEC (Executable file)
        OS/ABI:UNIX - System V
        ABI Version:0
        Entry Point Address:0x164f4
        Flags:0x5000400
        ELF Header Size:52
        Program Header Offset:52
        Program Header Size:32
        Number of Program Headers:9
        Section Header Offset:1109104
        Section Header Size:40
        Number of Section Headers:30
        Header String Table Index:29

        Sections

        NameTypeAddressOffsetSizeEntSizeFlagsFlags DescriptionLinkInfoAlign
        NULL0x00x00x00x00x0000
        .interpPROGBITS0x101540x1540x190x00x2A001
        .note.ABI-tagNOTE0x101700x1700x200x00x2A004
        .hashHASH0x101900x1900x7380x40x2A504
        .gnu.hashGNU_HASH0x108c80x8c80x8300x40x2A504
        .dynsymDYNSYM0x110f80x10f80x10700x100x2A614
        .dynstrSTRTAB0x121680x21680x90e0x00x2A001
        .gnu.versionVERSYM0x12a760x2a760x20e0x20x2A502
        .gnu.version_rVERNEED0x12c840x2c840xe00x00x2A644
        .rel.dynREL0x12d640x2d640x380x80x2A504
        .rel.pltREL0x12d9c0x2d9c0x7680x80x42AI5224
        .initPROGBITS0x135040x35040xc0x00x6AX004
        .pltPROGBITS0x135100x35100xb300x40x6AX004
        .textPROGBITS0x140400x40400xb55940x00x6AX008
        .finiPROGBITS0xc95d40xb95d40x80x00x6AX004
        .rodataPROGBITS0xc95e00xb95e00x53f7c0x00x2A008
        .ARM.exidxARM_EXIDX0x11d55c0x10d55c0x80x00x82AL1304
        .eh_framePROGBITS0x11d5640x10d5640x40x00x2A004
        .init_arrayINIT_ARRAY0x12deb40x10deb40x40x40x3WA004
        .fini_arrayFINI_ARRAY0x12deb80x10deb80x40x40x3WA004
        .data.rel.roPROGBITS0x12debc0x10debc0x1c0x00x3WA004
        .dynamicDYNAMIC0x12ded80x10ded80x1280x80x3WA604
        .gotPROGBITS0x12e0000x10e0000x3d40x40x3WA004
        .dataPROGBITS0x12e3d40x10e3d40x6100x00x3WA004
        .bssNOBITS0x12e9e80x10e9e40x62600x00x3WA008
        .commentPROGBITS0x00x10e9e40x550x10x30MS001
        .ARM.attributesARM_ATTRIBUTES0x00x10ea390x350x00x0001
        .miscpathPROGBITS0x00x10ea6e0x00x00x0001
        .dhsecPROGBITS0x00x10ea6e0x1000x00x0001
        .shstrtabSTRTAB0x00x10eb6e0x1000x00x0001

        Program Segments

        TypeOffsetVirtual AddressPhysical AddressFile SizeMemory SizeEntropyFlagsFlags DescriptionAlignProg InterpreterSection Mappings
        EXIDX0x10d55c0x11d55c0x11d55c0x80x82.40560x4R 0x4.ARM.exidx
        PHDR0x340x100340x100340x1200x1202.80010x4R 0x4
        INTERP0x1540x101540x101540x190x194.13370x4R 0x1/lib/ld-linux-armhf.so.3.interp
        LOAD0x00x100000x100000x10d5680x10d5686.24890x5R E0x10000.interp .note.ABI-tag .hash .gnu.hash .dynsym .dynstr .gnu.version .gnu.version_r .rel.dyn .rel.plt .init .plt .text .fini .rodata .ARM.exidx .eh_frame
        LOAD0x10deb40x12deb40x12deb40xb300x6d943.73170x6RW 0x10000.init_array .fini_array .data.rel.ro .dynamic .got .data .bss
        DYNAMIC0x10ded80x12ded80x12ded80x1280x1282.68160x6RW 0x4.dynamic
        NOTE0x1700x101700x101700x200x201.56130x4R 0x4.note.ABI-tag
        GNU_STACK0x00x00x00x00x00.00000x6RW 0x10
        GNU_RELRO0x10deb40x12deb40x12deb40x14c0x14c3.01430x4R 0x1.init_array .fini_array .data.rel.ro .dynamic

        Dynamic Tags

        TypeMetaValueTag
        DT_NEEDEDsharedliblibrt.so.10x1
        DT_NEEDEDsharedliblibdl.so.20x1
        DT_NEEDEDsharedliblibutil.so.10x1
        DT_NEEDEDsharedliblibcrypt.so.10x1
        DT_NEEDEDsharedliblibresolv.so.20x1
        DT_NEEDEDsharedliblibz.so.10x1
        DT_NEEDEDsharedliblibm.so.60x1
        DT_NEEDEDsharedliblibc.so.60x1
        DT_INITvalue0x135040xc
        DT_FINIvalue0xc95d40xd
        DT_INIT_ARRAYvalue0x12deb40x19
        DT_INIT_ARRAYSZbytes40x1b
        DT_FINI_ARRAYvalue0x12deb80x1a
        DT_FINI_ARRAYSZbytes40x1c
        DT_HASHvalue0x101900x4
        DT_GNU_HASHvalue0x108c80x6ffffef5
        DT_STRTABvalue0x121680x5
        DT_SYMTABvalue0x110f80x6
        DT_STRSZbytes23180xa
        DT_SYMENTbytes160xb
        DT_DEBUGvalue0x00x15
        DT_PLTGOTvalue0x12e0000x3
        DT_PLTRELSZbytes18960x2
        DT_PLTRELpltrelDT_REL0x14
        DT_JMPRELvalue0x12d9c0x17
        DT_RELvalue0x12d640x11
        DT_RELSZbytes560x12
        DT_RELENTbytes80x13
        DT_VERNEEDvalue0x12c840x6ffffffe
        DT_VERNEEDNUMvalue40x6fffffff
        DT_VERSYMvalue0x12a760x6ffffff0
        DT_NULLvalue0x00x0

        Symbols

        NameVersion Info NameVersion Info File NameSection NameValueSizeSymbol TypeSymbol BindSymbol VisibilityNdx
        .dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
        _ITM_deregisterTMCloneTable.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
        _ITM_registerTMCloneTable.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
        __assert_failGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __b64_ntop.dynsym0x655f8284FUNC<unknown>DEFAULT13
        __b64_pton.dynsym0x65714472FUNC<unknown>DEFAULT13
        __ctype_b_locGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __ctype_tolower_locGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __environGLIBC_2.4libc.so.6.dynsym0x12e9ec4OBJECT<unknown>DEFAULT24
        __errno_locationGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __explicit_bzero_chkGLIBC_2.25libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __fprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __fxstatGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __fxstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __gmon_start__.dynsym0x00NOTYPE<unknown>DEFAULTSHN_UNDEF
        __isoc99_sscanfGLIBC_2.7libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __libc_start_mainGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __lxstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __memcpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __memmove_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __memset_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __poll_chkGLIBC_2.16libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __printf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __prognameGLIBC_2.4libc.so.6.dynsym0x12e9e84OBJECT<unknown>DEFAULT24
        __read_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __realpath_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __snprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __sprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __strcat_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __strcpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __strncpy_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __syslog_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __vasprintf_chkGLIBC_2.8libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __vsnprintf_chkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        __xstat64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        _exitGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        abortGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        acceptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        accessGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        alarmGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        atoiGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        bindGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        callocGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        cfsetispeedGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        cfsetospeedGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        chdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        chmodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        chownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        chrootGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        clock_gettimeGLIBC_2.4librt.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        closeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        closedirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        closelogGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        connectGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        cryptGLIBC_2.4libcrypt.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ctimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        daemonGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        deflate.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        deflateEnd.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        deflateInit_.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        dirfdGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        dirnameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        dupGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        dup2GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        endgrentGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        endpwent.dynsym0xc7f8840FUNC<unknown>DEFAULT13
        environGLIBC_2.4libc.so.6.dynsym0x12e9ec4OBJECT<unknown>DEFAULT24
        error.dynsym0x3f2c444FUNC<unknown>DEFAULT13
        execlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        execvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        execveGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        exitGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fchmodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fchownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fcloseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fcntl64GLIBC_2.28libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fdopenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        feofGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ferrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fflushGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fgetcGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fgetpwent_r.dynsym0xc79cc52FUNC<unknown>DEFAULT13
        fgetsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        filenoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        flockGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fopenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fopen64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        forkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fputcGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fputsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        freadGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        freeGLIBC_2.4libc.so.6.dynsym0x138e40FUNC<unknown>DEFAULTSHN_UNDEF
        freeaddrinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fscanfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fseekGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fstatvfs64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fsyncGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ftellGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ftruncate64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        futimesGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        fwriteGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        gai_strerrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getaddrinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getcwdGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getegidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        geteuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getgrgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getgrnamGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getgrouplistGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        gethostnameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getnameinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getpeernameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getpgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getpidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getppidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getpw.dynsym0xc7ee4140FUNC<unknown>DEFAULT13
        getpwentGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getpwent_r.dynsym0xc7fb0144FUNC<unknown>DEFAULT13
        getpwnam.dynsym0xc7e7c52FUNC<unknown>DEFAULT13
        getpwnam_r.dynsym0xc7adc168FUNC<unknown>DEFAULT13
        getpwuid.dynsym0xc7e1452FUNC<unknown>DEFAULT13
        getpwuid_r.dynsym0xc7cd4160FUNC<unknown>DEFAULT13
        getsidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getsocknameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getsockoptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getspnamGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        gettimeofdayGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        getuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        inet_ntoaGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        inet_ntopGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        inflate.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        inflateEnd.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        inflateInit_.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        initgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        innetgrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ioctlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        isspaceGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        killGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        linkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        listenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        localtimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        localtime_rGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        loginGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        logoutGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        logwtmpGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        lseek64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        mallocGLIBC_2.4libc.so.6.dynsym0x13c440FUNC<unknown>DEFAULTSHN_UNDEF
        memchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        memcmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        memcpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        memmoveGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        memsetGLIBC_2.4libc.so.6.dynsym0x138000FUNC<unknown>DEFAULTSHN_UNDEF
        mkdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        mkdtemp.dynsym0x66ea036FUNC<unknown>DEFAULT13
        mkstemp64.dynsym0x66e8c12FUNC<unknown>DEFAULT13
        mkstemps64.dynsym0x66e988FUNC<unknown>DEFAULT13
        openGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        open64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        opendirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        openlogGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        openptyGLIBC_2.4libutil.so.1.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        pcloseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        perrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        pipeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        pollGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        popenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        prctlGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        printfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        putcharGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        putpwent.dynsym0xc8310112FUNC<unknown>DEFAULT13
        putsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        qsortGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        raiseGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        randGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        readGLIBC_2.4libc.so.6.dynsym0x138fc0FUNC<unknown>DEFAULTSHN_UNDEF
        readdir64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        readlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        reallocGLIBC_2.4libc.so.6.dynsym0x13ed80FUNC<unknown>DEFAULTSHN_UNDEF
        reallocarrayGLIBC_2.26libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        recvmsgGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        removeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        renameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        rewindGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        rmdirGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        selectGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sendmsgGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setegidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        seteuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setgroupsGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setlogin.dynsym0x653d88FUNC<unknown>DEFAULT13
        setpwent.dynsym0xc7f7024FUNC<unknown>DEFAULT13
        setresgidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setresuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setrlimit64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setsidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setsockoptGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        setuidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        shutdownGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sigactionGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sigaddsetGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sigemptysetGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        signalGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sigprocmaskGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        snprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        socketGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        socketpairGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        srandGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sscanfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        statvfs64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        stderrGLIBC_2.4libc.so.6.dynsym0x12e9f84OBJECT<unknown>DEFAULT24
        stdinGLIBC_2.4libc.so.6.dynsym0x12e9f04OBJECT<unknown>DEFAULT24
        stdoutGLIBC_2.4libc.so.6.dynsym0x12e9f44OBJECT<unknown>DEFAULT24
        strcasecmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strcmpGLIBC_2.4libc.so.6.dynsym0x13fbc0FUNC<unknown>DEFAULTSHN_UNDEF
        strcpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strcspnGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strdupGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strerrorGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strftimeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strlenGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strncasecmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strncmpGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strncpyGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strpbrkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strrchrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strsepGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strspnGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strstrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtodGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtokGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtok_rGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtolGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtollGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        strtoulGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        symlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        syscallGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sysconfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        sysinfoGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        systemGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        tcgetattrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        tcsendbreakGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        tcsetattrGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        timeGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        truncate64GLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        ttynameGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        umaskGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        uncompress.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        unlinkGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        unsetenvGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        usleepGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        utimesGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        vfprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        vsnprintfGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        waitpidGLIBC_2.4libc.so.6.dynsym0x00FUNC<unknown>DEFAULTSHN_UNDEF
        writeGLIBC_2.4libc.so.6.dynsym0x139080FUNC<unknown>DEFAULTSHN_UNDEF

        Network Behavior

        Network Port Distribution

        UDP Packets

        TimestampSource PortDest PortSource IPDest IP
        Nov 25, 2024 14:44:42.843700886 CET4524753192.168.2.141.1.1.1
        Nov 25, 2024 14:44:42.843772888 CET5141053192.168.2.141.1.1.1
        Nov 25, 2024 14:44:43.068558931 CET53514101.1.1.1192.168.2.14
        Nov 25, 2024 14:44:43.099921942 CET53452471.1.1.1192.168.2.14

        DNS Queries

        TimestampSource IPDest IPTrans IDOP CodeNameTypeClassDNS over HTTPS
        Nov 25, 2024 14:44:42.843700886 CET192.168.2.141.1.1.10x9fcStandard query (0)daisy.ubuntu.comA (IP address)IN (0x0001)false
        Nov 25, 2024 14:44:42.843772888 CET192.168.2.141.1.1.10x27b4Standard query (0)daisy.ubuntu.com28IN (0x0001)false

        DNS Answers

        TimestampSource IPDest IPTrans IDReply CodeNameCNameAddressTypeClassDNS over HTTPS
        Nov 25, 2024 14:44:43.099921942 CET1.1.1.1192.168.2.140x9fcNo error (0)daisy.ubuntu.com162.213.35.25A (IP address)IN (0x0001)false
        Nov 25, 2024 14:44:43.099921942 CET1.1.1.1192.168.2.140x9fcNo error (0)daisy.ubuntu.com162.213.35.24A (IP address)IN (0x0001)false

        System Behavior

        General

        Start time (UTC):13:41:56
        Start date (UTC):25/11/2024
        Path:/tmp/sshd.elf
        Arguments:/tmp/sshd.elf
        File size:4956856 bytes
        MD5 hash:5ebfcae4fe2471fcc5695c2394773ff1

        Chronological Activities