Analysis

  • max time kernel
    127s
  • max time network
    129s
  • platform
    debian-9_armhf
  • resource
    debian9-armhf-20240226-en
  • resource tags

    arch:armhf, image:debian9-armhf-20240226-en, kernel:4.9.0-13-armmp-lpae, locale:en-us, os:debian-9-armhf, system
  • submitted
    29-02-2024 05:04

General

  • Target

    rebirth.arm5

  • Size

    297KB

  • MD5

    ea309f0ca298587b895eac62f2bca019

  • SHA1

    8902cefcc14364214c75db6b1d311d294d4935a9

  • SHA256

    c5115185ed445bf83bd1de3f433c0dbc36df6b3d56fbcc5518689182ebd0aa83

  • SHA512

    9d23cd0c9a8795c088623301828d579665d1b2efae73a1e87e130c3d66a10c00142e6bb49fb6ceeb9820782487917475a01bc44cc0659c03881cc18cd75ff5e6

  • SSDEEP

    6144:AYYcatHJ2y2+z4RZedkAM/LaSXV7zm6wxTIe+5:AYYcatHJ2y2O2LAMZl3m6WTIe+5

Score
7/10

Malware Config

Signatures

  • Changes its process name (1 IoCs)
  • Reads system routing table (1 TTPs, 1 IoCs)

    Gets active network interfaces from /proc virtual filesystem.

  • Reads system network configuration (1 TTPs, 1 IoCs)

    Uses contents of /proc filesystem to enumerate network settings.

Processes

  • /tmp/rebirth.arm5
    /tmp/rebirth.arm5
    • Changes its process name
    • Reads system routing table
    • Reads system network configuration
    PID:655

Network

MITRE ATT&CK Enterprise v15
