c12f36d08f3427a7077bf09e5ff955fefac9712ba9d413f45160a63ca04f2351

Analysis

max time kernel
128s
max time network
129s
platform
ubuntu-22.04_amd64
resource
ubuntu2204-amd64-20240611-en
resource tags

arch:amd64arch:i386image:ubuntu2204-amd64-20240611-enkernel:5.15.0-105-genericlocale:en-usos:ubuntu-22.04-amd64system
submitted
14-01-2025 13:22

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

rebirth.x86.elf
Size

98KB
MD5

2aaa580f6dce10b2fd777231e3257a58
SHA1

8da5f8f1d31fe006e718bfff85590efc6760a683
SHA256

c12f36d08f3427a7077bf09e5ff955fefac9712ba9d413f45160a63ca04f2351
SHA512

ca2418ed1e88969d5b51fc9bd8571b9dbb11766e95e842c4f3957a23ae2980e2f15975e7ea2bbdb2e2a64efe1b48bad9f88e482062c71b382a1e38ebedb4732a
SSDEEP

1536:Q9fT9WiC3txvWtfEo5vXJM9wypej++3h5EgL7nLGPTms5TDUMHYr/:Q9jC9wtsOnuejjh5EgL7smITDfHYr/

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	rebirth.x86.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	rebirth.x86.elf

/tmp/rebirth.x86.elf
/tmp/rebirth.x86.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:1568

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads