Analysis
-
max time kernel
126s -
max time network
140s -
platform
debian-12_armhf -
resource
debian12-armhf-20240221-en -
resource tags
-
submitted
14-01-2025 13:23
General
-
Target
rebirth.arm6.elf
-
Size
146KB
-
MD5
07d31d070bb4c77c7b55759c3466f6f5
-
SHA1
0d87281a1c7fb3eef6165025510a53d856a8db84
-
SHA256
a559640dd81c561e660eec6b7c78c96c5f618c63a5e8da2c4afcd187d36ed2ee
-
SHA512
12022a5a55723bea29748626df86c2de01ccc373c97687ad8f534d8a2f167ec04b61d46a77bab3a11bce31994ae816c29bcbab1378a3a6ce7747570d85e471da
-
SSDEEP
3072:CtfSVjcVCLJDexaWt8m717nI8txVEHIzmQwfCMQiGW:AfSVjcgLNexa9y17nI8txVEcmQwfCDi9
Score
6/10
Malware Config
Signatures
-
Reads system routing table 1 TTPs 1 IoCs
Gets active network interfaces from /proc virtual filesystem.
-
Reads system network configuration 1 TTPs 1 IoCs
Uses contents of /proc filesystem to enumerate network settings.
Processes
-
/tmp/rebirth.arm6.elf/tmp/rebirth.arm6.elf1⤵
- Reads system routing table
- Reads system network configuration