Analysis
max time kernel: 151s
max time network: 154s
platform: debian-12_mipsel
resource: debian12-mipsel-20240418-en
resource tags: arch:mipsel, image:debian12-mipsel-20240418-en, kernel:6.1.0-17-4kc-malta, locale:en-us, os:debian-12-mipsel, system
submitted: 09-11-2024 17:07
General
Target: main_mpsl.elf
Size: 58KB
MD5: 8bb8c61a30f302bdf8450b590465dae3
SHA1: d526feeaa961567e19255b06aa597052a0df7472
SHA256: 99f2ca4702e6d82631935eecf366dcaecf48701216c15896761ff019647ee97c
SHA512: 144f3735053200d416692d410727c87bbc9d5af26c727e792fc8484849b6acbef674f34e96f2a9d2c482c860ab2ebfe890bd548f466428f1a3d7182f19ebf7ba
SSDEEP: 1536:eqsxT69k3x/rwjY6NgL6U28JBwrxLiipQeY9vCIB:WxT69kunfU28JGVLhQeY9zB
Malware Config
Signatures
Mirai family
Deletes itself 1 IoCs
Processes:
main_mpsl.elf
pid: 744
process: main_mpsl.elf
Changes its process name 1 IoCs
Processes:
main_mpsl.elf
description: Changes the process name, possibly in an attempt to hide itself
ioc: httpd
pid: 744
process: main_mpsl.elf
Processes:
main_mpsl.elf
description: File opened for reading
ioc: /proc/self/exe
process: main_mpsl.elf
Writes file to tmp directory 1 IoCs
Malware often drops required files in the /tmp directory.
Processes:
main_mpsl.elf
description: File opened for modification
ioc: /tmp/main_mpsl.elf
process: main_mpsl.elf