Analysis

  • max time kernel
    152s
  • max time network
    165s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240221-en
  • resource tags

    arch:mipsel, image:debian12-mipsel-20240221-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
  • submitted
    25/07/2024, 15:11

General

  • Target

    mpsl.elf

  • Size

    71KB

  • MD5

    7e743466bf9aac98df72dc8ee8767b22

  • SHA1

    81a197a47ade918aee407e60c6703ec1523a5376

  • SHA256

    7eefc3fd96c921e9dbd1866159c24be1b903e9e190fb4e05a702e584d0f9e3d1

  • SHA512

    85857476d2b8a24db910163184c736b896bfce1591270a18c2a0c44309733094982600e11d077b190f142234139c4ac5d841de63efad4965ac4477f3925b742b

  • SSDEEP

    768:lqwATxpQ5e+y4rPv5Y6ZDSP6gSOee2etJeGa7N/kWjrXilvo2KXZY10Uj7:lCTxq55YADSP6X/74JVSN/nJ26a10o

Score
9/10

Malware Config

Signatures

  • Contacts a large (104757) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

  • Changes its process name 1 IoCs
  • Writes file to tmp directory 2 IoCs

    Malware often drops required files in the /tmp directory.

Processes

  • /tmp/mpsl.elf
    /tmp/mpsl.elf
    • Changes its process name
    • Writes file to tmp directory
    PID:741

Network

        MITRE ATT&CK Enterprise v15
