Sample details: 683c1ad4f11c1d3e8211b29290a633f8

Hashes
MD5: 683c1ad4f11c1d3e8211b29290a633f8
SHA1: 7c1738a7270bae2cb8c4c8770bebf5a4082e5828
SHA256: 86461ed2d1a631763a14634e6797def7011c148e79e6f70cc161f91d2778dd35
SSDEEP: 192:ZBjQ7TPuOnN3umJc4xn7OnlARgwIyMjpWTfXe+vd4TVHVswVRH4Qbs+sw26fMe:+PuOnFuP4xalAiQe+V8pbj0e
Details
File Type: ELF
Added: 2018-09-01 13:13:39
Yara Hits
YRP/domain | YRP/contentis_base64 | YRP/ldpreload
Parent Files
f0abe914888b7277ce3de226a9cabfc7
Source
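Strings
(Printable strings extracted from the binary, reproduced verbatim. The "/n" sequences and the "ptrace_getregs: Can not set register values" message appear this way in the sample itself, so match them as-is when writing detection rules.)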
		/system/bin/linker
__libc_init
__cxa_atexit
ptrace
memcpy
perror
__android_log_print
waitpid
snprintf
strstr
strtok
strtoul
fclose
__stack_chk_fail
__stack_chk_guard
opendir
sprintf
strcmp
readdir
closedir
printf
strlen
dlopen
dlclose
dlerror
__errno
strerror
__gnu_Unwind_Find_exidx
__cxa_begin_cleanup
__cxa_type_match
__cxa_call_unexpected
_edata
__bss_start
liblog.so
libstdc++.so
libm.so
libc.so
libdl.so
"JzD !
(1|D$h
 yDzD;
 |DzD!
Android
ptrace_getregs: Can not get register values
INJECT
ptrace_getregs: Can not get register values 
ptrace_setregs: Can not set register values
ptrace_getregs: Can not set register values 
ptrace_cont
ptrace_continue: error! 
ptrace_attach
ptrace_detach
/proc/self/maps
/proc/%d/maps
[+] get_remote_addr: local[%x], remote[%x]
/proc/%d/cmdline
[+] Calling %s in target process.
[+] Target process returned from %s, return value=%x, pc=%x 
[+] Injecting process: %d
[+] Remote mmap address: %x
[+] Get imports: dlopen: %x, dlsym: %x, dlclose: %x, dlerror: %x
library path = %s
dlopen
hook_entry_addr = %p
hook_entry
Usage : inject <inject process name> <inject library name>
For Example : inject /system/bin/netd /data/libinject.so
leimingjian, find :%s in process./n
leimingjian, ret is %d:  /n
leimingjian, Cannot set priority:%s ./n
leimingjian, inject begin !
leimingjian, inject Usage : inject process name=%s, inject library name=%s 
leimingjian, inject: Can't find the process
leimingjian, has inject %s already !
leimingjian, inject finished !
/system/bin/linker
/system/lib/libc.so
GCC: (GNU) 4.6 20120106 (prerelease)
gold 1.10
.shstrtab
.interp
.dynsym
.dynstr
.rel.dyn
.rel.plt
.note.android.ident
.ARM.exidx
.ARM.extab
.rodata
.fini_array
.init_array
.preinit_array
.ctors
.dynamic
.comment
.note.gnu.gold-version
.ARM.attributes