Analysis
-
max time kernel
142s -
max time network
148s -
platform
debian-9_armhf -
resource
debian9-armhf-20240611-en -
resource tags
-
submitted
30-12-2024 01:17
General
-
Target
rebirth.arm4.elf
-
Size
108KB
-
MD5
fea39a8d7095c7e32059660e09e86c9a
-
SHA1
e781604cff909a64845e2a3f97670fcd2e0b961d
-
SHA256
5154823e84f9e4b08c7780a2c51f0c384839844c630c73fc078c78ebd6ebafe6
-
SHA512
fd2a022eb054dbf90fc6348665777bd1e4bd5ccde883ea482f350fc078b701899abd2297ede9dd16165c0857470eae80a5e01f54655adef08ef7d8a69ee5c3d7
-
SSDEEP
3072:HgvUxOcKFN+B9Jy8D3XvpIhfXM4CHz9cm7QnKQXaeW:HDEKXy8rvOFXM4CZcm7QnKGaeW
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/rebirth.arm4.elf/tmp/rebirth.arm4.elf1⤵
- Reads system routing table
- Reads system network configuration