Overview

overview

9

Static

static

1

bok.mpsl-2...06.elf

debian-9-mipsel

9

Sharing

Copy URL Twitter E-mail

General

  • Target

    bok.mpsl-20230311-0506.elf

  • Size

    37KB

  • Sample

    230311-frzt6agf33

  • MD5

    f13c3bf4881ff085ba27b92b641e6854

  • SHA1

    664b566e18ed9480d7720fa4b6d7ae7cf922fb33

  • SHA256

    5c6438c274682174a00a381ede0c3511f2b7f919887a63ced5798f69467511ec

  • SHA512

    1691ddef493e50638cff6bec3e7659384d3ca1a28365774b2a50457df9fba23b3fe1c46fb227d1f3925dbca73ffed84152de193e35c0c4b0498d9c54ad3b8ba4

  • SSDEEP

    768:VxJ06HVZmAcDS+3LJREz8CAoveorosRn4G5E0Z1mwgIRlLj5xhnIX1fWH:VnTHnmXScNREoCA4FBRn4/0ZoARlLj7h

Score
9/10
discovery

Malware Config

Targets

    • Target

      bok.mpsl-20230311-0506.elf

    • Size

      37KB

    • MD5

      f13c3bf4881ff085ba27b92b641e6854

    • SHA1

      664b566e18ed9480d7720fa4b6d7ae7cf922fb33

    • SHA256

      5c6438c274682174a00a381ede0c3511f2b7f919887a63ced5798f69467511ec

    • SHA512

      1691ddef493e50638cff6bec3e7659384d3ca1a28365774b2a50457df9fba23b3fe1c46fb227d1f3925dbca73ffed84152de193e35c0c4b0498d9c54ad3b8ba4

    • SSDEEP

      768:VxJ06HVZmAcDS+3LJREz8CAoveorosRn4G5E0Z1mwgIRlLj5xhnIX1fWH:VnTHnmXScNREoCA4FBRn4/0ZoARlLj7h

    Score
    9/10
    discovery

    • Contacts a large (45874) amount of remote hosts

      This may indicate a network scan to discover remotely running services.

      discovery

    • Creates a large amount of network flows

      This may indicate a network scan to discover remotely running services.

      discovery

    • Modifies the Watchdog daemon

      Malware like Mirai modify the Watchdog to prevent it restarting an infected system.

    • Reads runtime system information

      Reads data from /proc virtual filesystem.

    • Writes file to tmp directory

      Malware often drops required files in the /tmp directory.

    behavioral1

MITRE ATT&CK Enterprise v6

Tasks