General

  • Target

    mpsl.elf

  • Size

    106KB

  • Sample

    241231-qcmlds1pey

  • MD5

    e1506e7d4d7359db685b3bdef09a1de9

  • SHA1

    73232a78e75d724d56455562c84684389450e881

  • SHA256

    3f641d453df7285ffdc7cb3eb2e4c2b8ed3c4ccfeee6600626c90a7bdc8c6046

  • SHA512

    2f0dac784c12d407a4b4412dc8bba251a06cae2b64298d062cb2f68bc0651559d59f4ce9ddf309c63c53e118b25e78f042b979ca74926244d57204f3dccdfbd9

  • SSDEEP

    1536:xpkGXvSvr77wIPSdCAWdVixkxhWf3jQ0wZygsCkcmRv2:xpk4Svr77wG8vj5wnev2

Malware Config

Extracted

  • Family

    mirai

  • Botnet

    MIRAI

Targets

    • Target

      mpsl.elf

    • Deletes Audit logs

      Deletes logs related to the Linux Audit framework.

    • Deletes itself

    • Deletes system logs

      Deletes the log file that contains global system messages. Adversaries may delete system logs to minimize their footprint.

    • Modifies Watchdog functionality

      Malware like Mirai modifies the Watchdog to prevent it from restarting an infected system.

    • Deletes log files

      Deletes log files on the system.

    • Enumerates running processes

      Discovers information about currently running processes on the system.

    • Modifies systemd

      Adds or modifies systemd service files, likely to achieve persistence.
