58e0f84ad9b3b367825869c6f06a87b5b5ce473a3c14a9c3a3ca4d28b462346e

Analysis

max time kernel
146s
max time network
150s
platform
debian-12_mipsel
resource
debian12-mipsel-20240221-en
resource tags

arch:mipselimage:debian12-mipsel-20240221-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
submitted
12-12-2024 05:40

Sharing

Copy URL

Twitter E-mail

Report Analysis Logs

General

Target

mpsl.xxx.elf
Size

148KB
MD5

654a4eeedecc0e2d1fcfdaac4bc1e84f
SHA1

7a9aa0e4b405ad1697cf5c408d654d7ace2b4593
SHA256

58e0f84ad9b3b367825869c6f06a87b5b5ce473a3c14a9c3a3ca4d28b462346e
SHA512

487f704e491509cc006b431ac58c40b0a460f61ccdc928fdf50ccbed68c6894eafa9e88d4c9a065a23e14954cf502a95972f5962f520209f5b8401a20addee26
SSDEEP

1536:rryejez5tMXrpyrTpHToBA9i4JNqm/VBymv4YmPQ:rrVrsrTd7kqwmNBymgYmPQ

Score

6^/10

discovery

Malware Config

Signatures

Reads system routing table 1 TTPs 1 IoCs

Gets active network interfaces from /proc virtual filesystem.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	mpsl.xxx.elf

Reads system network configuration 1 TTPs 1 IoCs

Uses contents of /proc filesystem to enumerate network settings.

discovery

Internet Connection Discovery

T1016.001

description	ioc	Process
File opened for reading	/proc/net/route	mpsl.xxx.elf

/tmp/mpsl.xxx.elf
/tmp/mpsl.xxx.elf
1⤵
- Reads system routing table
- Reads system network configuration
PID:744

Network

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Network Configuration Discovery

T1016

Internet Connection Discovery

T1016.001

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Analysis

Sharing

General

Malware Config

Signatures

Processes

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads