Extracted

• • Target

    mpsl.elf

  • Size

    82KB

  • MD5

    d10cde406bb6e741caa075ae3eb1b59b

  • SHA1

    3b8761c325ff59e67ced6151d5c0b483e7009ff0

  • SHA256

    33aaa80f492242f0a5e3e8edec511d11b09910e21d044b7425f2b19c79885275

  • SHA512

    d475ae20989beac90cb6bd51b2a91536880af3c07c7a5e5de5210670ee0292e599871488659fbf99206aaf1e99e19b5344ef936a0a602abffdf62b4473edb48d

  • SSDEEP

    768:Awr5KJUlYduHE4gJT9LZjVrZsWESEm8u7epaA8tFcxqRxqrcveTE5y3odGbsB6fX:Awr5c8pa4it85gHsMq9Io/4KNg93

  Score

  7^/10

  credential_accessdefense_evasiondiscovery

  • Modifies Watchdog functionality

    Malware like Mirai modifies the Watchdog to prevent it restarting an infected system.

    defense_evasion

  • Enumerates active TCP sockets

    Gets active TCP sockets from /proc virtual filesystem.

    discovery

  • Reads process memory

    Read the memory of a process through the /proc virtual filesystem. This can be used to steal credentials.

    credential_access
  behavioral1