x0rz / EQGRP

Decrypted content of eqgrp-auction-file.tar.xz

Watcher #25

Open NoahGWood opened 7 years ago

NoahGWood commented 7 years ago

It appears 'watcher' is a headless packet sniffer used for spying. The first few lines make calls to /lib64/ld-linux-x86-64.so.2 to find a process ID; next it makes a call to libc.so.6 where it opens up some sort of connection, either to localhost or to a remote server (further disassembly required).

This program was probably written in 2002 or so (judging by the glibc version), definitely before 2011 as libc.so.6 stopped being hard-coded after that afaik.

The strings that give it away as a sniffer are:

```
monitor_type
set_prismhdr
forceprismheader
forceprism
prismhdr
rfmontx
monitor
```
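An added triage helper (not part of the thread or the EQGRP dump) that does what the comment above does by hand: pull printable strings out of a binary blob and check them against the monitor-mode/prism indicators and loader references it lists. The indicator sets and the sample bytes are constructed for this example; `triage` and `extract_strings` are hypothetical names.

```python
import re

# Indicator strings quoted in the comment above (constructed list for this example).
SNIFFER_STRINGS = {
    "monitor_type", "set_prismhdr", "forceprismheader",
    "forceprism", "prismhdr", "rfmontx", "monitor",
}
# Loader / libc references the comment mentions seeing in the first few lines.
LOADER_STRINGS = {"/lib64/ld-linux-x86-64.so.2", "libc.so.6"}


def extract_strings(data: bytes, min_len: int = 4):
    """Return printable-ASCII runs of at least min_len bytes, like strings(1)."""
    return [m.group().decode("ascii")
            for m in re.finditer(rb"[\x20-\x7e]{%d,}" % min_len, data)]


def triage(data: bytes) -> dict:
    """Match extracted strings exactly against the indicator sets and give a verdict."""
    found = set(extract_strings(data))
    sniffer_hits = sorted(s for s in SNIFFER_STRINGS if s in found)
    loader_hits = sorted(s for s in LOADER_STRINGS if s in found)
    # "monitor" on its own is weak evidence, so it does not count toward the verdict.
    strong = [s for s in sniffer_hits if s != "monitor"]
    return {
        "sniffer_hits": sniffer_hits,
        "loader_hits": loader_hits,
        "verdict": "likely monitor-mode sniffer" if len(strong) >= 2 else "inconclusive",
    }


# Constructed sample: NUL-separated strings standing in for a real ELF's .rodata.
SAMPLE = (b"\x7fELF\x02\x01\x01\x00" + b"\x00" * 8
          + b"/lib64/ld-linux-x86-64.so.2\x00libc.so.6\x00"
          + b"monitor_type\x00set_prismhdr\x00rfmontx\x00monitor\x00")

if __name__ == "__main__":
    print(triage(SAMPLE))
```

Point it at a real file with `triage(open(path, "rb").read())`; exact-match hits are a prompt for disassembly, not proof of behaviour.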
Atavic commented 7 years ago

https://github.com/x0rz/EQGRP/issues/34#issue-226790403