Chat With PDF

If this is some kind of sandbox report of a ransomware file for Linux, I have such kind of sandbox reports, what

Reply: Features that can be extracted from the sandbox report for ML model training:

File Metadata:
File size
File type (ELF, PE, etc.)
File permissions
File creation/modification timestamps
File owner/group
Code Analysis:
Entry point address
Function names and signatures
Control flow graph
Data flow graph
Static analysis results (e.g., strings, symbols, imports)
Network Activity:
IP addresses and ports connected to
DNS queries
HTTP requests and responses
Process Activity:
Process name and ID
Parent process ID
Command line arguments
Memory usage
CPU usage
System Calls:
System calls made by the process
Arguments to system calls
Malware Capabilities:
Capabilities detected by YARA rules
Anti-analysis techniques used
Packers:
Packers used to obfuscate the file
Dependencies:
Shared libraries and other dependencies used by the file

Features already available in the given report:

File size: 1577.34 KB (1615200 bytes)
File type: ELF 64-bit LSB executable, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib64/ld-linux-x86-64.so.2, for GNU/Linux 2.6.18, BuildID[sha1]=9e5abcc860297089e29ac8ad8af735b4bc7c4bfe, stripped
Entry point address: 0x414630
Function names and signatures: