Overview

overview

10

Static

static

10

byte.mpsl.elf

debian-9-mipsel

7

Analysis

  • max time kernel
    150s
  • max time network
    152s
  • platform
    debian-9_mipsel
  • resource
    debian9-mipsel-20240729-en
  • resource tags

    arch:mipselimage:debian9-mipsel-20240729-enkernel:4.9.0-13-4kc-maltalocale:en-usos:debian-9-mipselsystem
  • submitted
    13-12-2024 09:19

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    byte.mpsl.elf

  • Size

    118KB

  • MD5

    034bae419c844c89b42d2b39200d15ca

  • SHA1

    3cfaf658fc0bf57fd431c430693cff7a342781bc

  • SHA256

    07436ba06220ede5338f7f770e7c6a660f11e3bbebba6c92d5988d5f512b4983

  • SHA512

    a08cc0ec6b0012dd5b816b0ea12773b289a80ed8322751c855d71b9aa397f8193c0db3f1b193e92f1ac80b23a6dc02ddbfa9d730cb220e23fa54534653ab0083

  • SSDEEP

    1536:BGmnLpEKrHc9o8uGC9KF86e//F7ogl/f4ZLpL35FstAPeemQSl61d6vZgum:RLuKrHc3Cd5ln4vRaQS44Zg

Score
7/10
defense_evasiondiscovery

Malware Config

Signatures

  • Modifies Watchdog functionality 1 TTPs 2 IoCs

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion
  • Enumerates running processes

    Discovers information about currently running processes on the system

  • Reads runtime system information 64 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/byte.mpsl.elf
    /tmp/byte.mpsl.elf
    1⤵
    • Modifies Watchdog functionality
    • Reads runtime system information
    PID:709

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads