DigitalSide Threat Intel

Mozi.m

First submission 2023-02-10 23:56:05 Last sumbission 2024-10-17 20:28:06

File details

File type: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
File size: 300.74 KB (307960 bytes)
MD5: 5d4282a728d4f03f67f43c6b11de3920
SHA1: a7c66c4a2bc20aff3ad2c8d4eb529a8d000bff35
SHA256: 473ebb9c9b214d6ecf715322658569d6ae7bf050c01a58f42c3da61b4eafe642

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

Virus Total: 39/61 VT report date: 2022-04-29 08:18:38

URLs, FQDN and IP indicators 1

URL Host (FQDN/IP) Date Added
hXXp://59.183.121.85:56299/Mozi.m VirusTotal Report 59.183.121.85 VirusTotal Report 2024-10-17 20:28:11

Strings analysis - Possible IPs found 2

192.168.1.1
192.168.3.1

Strings analysis - Possible URLs found 7

http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcron
http://%s:%d/Mozi.m;$
http://schemas.xmlsoap.org/soap/encoding/
http://%s:%d/Mozi.m;/tmp/Mozi.m
http://schemas.xmlsoap.org/soap/envelope/
http://upx.sf.net
http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws