102f027d9f7a95f8c24395786a4315ca95b2421fa5ae5cd5450b608289900e35

Analysis

max time kernel
145s
max time network
149s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240729-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240729-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
30-12-2024 01:17

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

rebirth.i686.elf
Size

85KB
MD5

5948c09ed728dd52dbcc333222e72d91
SHA1

683c13ef3c0d0ab47222add1eb04b3a5eaaab14e
SHA256

102f027d9f7a95f8c24395786a4315ca95b2421fa5ae5cd5450b608289900e35
SHA512

b3ef89d3dfa5bcb461e8f9f69e3cd409142a22964fc88eaaaed5d7e136f2617e2069e133dc5b8ebb3dcd4a5b6b0f00c9152c5955a8eab94cce571c4f3fdf1601
SSDEEP

1536:x3oLQ5TCzSVYERb1aGy8gwi5voMbBZzp6+m5CsNFPVYLf0:d8Q5Tv+U5aH8VkAMfp7mwsN1VYLf0

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	rebirth.i686.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	rebirth.i686.elf

/tmp/rebirth.i686.elf
/tmp/rebirth.i686.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:1574

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads