echobot | e6f528fd547499ea57665179965241407456016f865ace49c8980b60dee89f1b | Triage

Submit
Reports

Overview

overview

Static

static

jade.mpsl.elf

debian-9-mipsel

9

Sharing

General

Target

jade.mpsl.elf
Size

138KB
Sample

241212-3ettpsspdl
MD5

6c04f27197d1d20e6ea2a24dd780836f
SHA1

304748cda338afd6e31102d2ee9784ab617a4bce
SHA256

e6f528fd547499ea57665179965241407456016f865ace49c8980b60dee89f1b
SHA512

bbb3b303fb3dd84be18a750633aa3efba6efa007211eb46c1a4213ae974187250d2561fcf392a2d462f1b2ff469bab9044dc4f0147d1d232089d99ec1520f7c2
SSDEEP

3072:kf/fyUWtucJhSO5EH/UNVOX5DMQ1lbvl:kf/fyUWtrDE0VYnzbvl

Score

10^/10

echobot mirai defense_evasion discovery

Static task

static1

3 signatures

Behavioral task

behavioral1

Sample

jade.mpsl.elf

Resource

debian9-mipsel-20240226-en

defense_evasion discovery

debian-9-mipsel

7 signatures

150 seconds

Malware Config

Targets

- Target
  
  jade.mpsl.elf
- Size
  
  138KB
- MD5
  
  6c04f27197d1d20e6ea2a24dd780836f
- SHA1
  
  304748cda338afd6e31102d2ee9784ab617a4bce
- SHA256
  
  e6f528fd547499ea57665179965241407456016f865ace49c8980b60dee89f1b
- SHA512
  
  bbb3b303fb3dd84be18a750633aa3efba6efa007211eb46c1a4213ae974187250d2561fcf392a2d462f1b2ff469bab9044dc4f0147d1d232089d99ec1520f7c2
- SSDEEP
  
  3072:kf/fyUWtucJhSO5EH/UNVOX5DMQ1lbvl:kf/fyUWtrDE0VYnzbvl
Score

9^/10

defense_evasion discovery
- Contacts a large (232929) amount of remote hosts
  This may indicate a network scan to discover remotely running services.
  discovery
- Creates a large amount of network flows
  This may indicate a network scan to discover remotely running services.
  discovery
- Modifies Watchdog functionality
  Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.
  defense_evasion
- Enumerates active TCP sockets
  Gets active TCP sockets from /proc virtual filesystem.
  discovery
behavioral1

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Impair Defenses

Credential Access

Discovery

Network Service Discovery

System Network Configuration Discovery

Internet Connection Discovery

System Network Connections Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

defense_evasiondiscovery

© 2018-2025

Terms | Privacy