Windows 7 deprecation

Windows 7 will be removed from tria.ge on 2025-03-31

Overview

overview

10

Static

static

10

mpsl.elf

debian-12-mipsel

9

Analysis

  • max time kernel
    70s
  • max time network
    154s
  • platform
    debian-12_mipsel
  • resource
    debian12-mipsel-20240729-en
  • resource tags

    arch:mipselimage:debian12-mipsel-20240729-enkernel:6.1.0-17-4kc-maltalocale:en-usos:debian-12-mipselsystem
  • submitted
    20/12/2024, 15:33

Sharing

Copy URL
Twitter E-mail
Report Analysis Logs

General

  • Target

    mpsl.elf

  • Size

    95KB

  • MD5

    2b671c0e7ee1068632e6d2ff298c7486

  • SHA1

    dc3d668edbe45dedc44460ec4878c0025063de01

  • SHA256

    b1afe19d92ceafc19868ceaaff7ca91d415f7e02106e127a21e0944e2ebf9f24

  • SHA512

    d8e546396aebd33072b47fb5a0608c30ceae15524fb48f03deec2325e881959dd724d6deda9eb363ffc8484bbad6dd0335dd2f0b1f75ac54838e752d12a15843

  • SSDEEP

    1536:69gBeHbiMX4cHa0aZL/TsUAd/7MnneIOAPZ6y1Dib9pJkq5ODXuzALzZ:69gBqtXpHgCzMnneI3P012XuzA5

Score
9/10
discovery

Malware Config

Signatures

  • Contacts a large (226284) amount of remote hosts 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Creates a large amount of network flows 1 TTPs

    This may indicate a network scan to discover remotely running services.

    discovery
  • Unexpected DNS network traffic destination 1 IoCs

    Network traffic to other servers than the configured DNS servers was detected on the DNS port.

  • Changes its process name 1 IoCs
  • Reads runtime system information 23 IoCs

    Reads data from /proc virtual filesystem.

    discovery

Processes

  • /tmp/mpsl.elf
    /tmp/mpsl.elf
    1⤵
    • Changes its process name
    • Reads runtime system information
    PID:743

Network

MITRE ATT&CK Enterprise v15

Replay Monitor

Loading Replay Monitor...

Downloads