c5115185ed445bf83bd1de3f433c0dbc36df6b3d56fbcc5518689182ebd0aa83 | Triage

Sharing

General

Target

rebirth.arm5
Size

297KB
Sample

240229-fqcy1aeb97
MD5

ea309f0ca298587b895eac62f2bca019
SHA1

8902cefcc14364214c75db6b1d311d294d4935a9
SHA256

c5115185ed445bf83bd1de3f433c0dbc36df6b3d56fbcc5518689182ebd0aa83
SHA512

9d23cd0c9a8795c088623301828d579665d1b2efae73a1e87e130c3d66a10c00142e6bb49fb6ceeb9820782487917475a01bc44cc0659c03881cc18cd75ff5e6
SSDEEP

6144:AYYcatHJ2y2+z4RZedkAM/LaSXV7zm6wxTIe+5:AYYcatHJ2y2O2LAMZl3m6WTIe+5

Score

7^/10

Malware Config

Targets

- Target
  
  rebirth.arm5
- Size
  
  297KB
- MD5
  
  ea309f0ca298587b895eac62f2bca019
- SHA1
  
  8902cefcc14364214c75db6b1d311d294d4935a9
- SHA256
  
  c5115185ed445bf83bd1de3f433c0dbc36df6b3d56fbcc5518689182ebd0aa83
- SHA512
  
  9d23cd0c9a8795c088623301828d579665d1b2efae73a1e87e130c3d66a10c00142e6bb49fb6ceeb9820782487917475a01bc44cc0659c03881cc18cd75ff5e6
- SSDEEP
  
  6144:AYYcatHJ2y2+z4RZedkAM/LaSXV7zm6wxTIe+5:AYYcatHJ2y2O2LAMZl3m6WTIe+5
Score

7^/10
- Changes its process name
- Reads system routing table
  Gets active network interfaces from /proc virtual filesystem.
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1