Extracted

• • Target

    rebirth.arm5.elf

  • Size

    77KB

  • MD5

    bc20ac7e3796eeb3398dfc154e355ef1

  • SHA1

    6a56bc02448b45425020a2425a6ea39a7c72d8d7

  • SHA256

    cfdac538bff6b50b3bc4726f45cf6e959b5c84b2b33c340670c958afc5a5e34f

  • SHA512

    139416555fc4451509d5d3090114295d440aeab231a502dea7c1c79ed30860991f4ebfbd1946a727dc79dc9a8cdc9acd2184a063a10dde9ef2dc4695e47b071e

  • SSDEEP

    1536:6ODrgViG5ZK5HKRjP72I9OqsFkWa9V5bPoVEmwbZnN:6ODrgdNj79OqukWkb3mwbZnN

  Score

  9^/10

  defense_evasiondiscoverypersistence

  • Contacts a large (23350) amount of remote hosts

    This may indicate a network scan to discover remotely running services.

    discovery

  • Creates a large amount of network flows

    This may indicate a network scan to discover remotely running services.

    discovery

  • File and Directory Permissions Modification

    Adversaries may modify file or directory permissions to evade defenses.

    defense_evasion

  • Modifies rc script

    Adding/modifying system rc scripts is a common persistence mechanism.

    persistence
  behavioral1