Download debian iso
http://cdimage.debian.org/cdimage/release/current/mipsel/iso-cd/debian-9.1.0-mipsel-netinst.iso
Download initrd & vmlinux
Create a new hard disk
$ qemu-img create -f qcow2 hda.qcow 10G
Install debian
$ qemu-system-mipsel -cdrom debian-9.1.0-mipsel-netinst.iso \
-hda hda.qcow \
-M malta \
-kernel vmlinux-4.9.0-3-4kc-malta \
-boot d \
-initrd initrd.gz \
-m 512 \
-nographic \
-append "root=/dev/sda1 nokaslr"
Allow for the installation to complete.
IMPORTANT At the end it will give you an option to return to the installation menu. Do that and choose drop to shell. From there, use cat /target/boot/vmlinux-* | nc 10.0.2.2 12345 with a netcat listener on the host redirecting to the same filename, i.e. nc.traditional -l -p 12345 > vmlinux-xxx to transfer the installed boot kernel. Do the same with the /target/boot/initrd file. These are now your QEMU boot and initrd files. You'll use them when booting the installed QEMU VM. Note 10.0.2.2 was the address given as the default route in the QEMU guest when using route -n. It doesn't actually appear on your host, I assume it is some prerouting rule that QEMU sets up, or something similar.
Boot from hda
$ qemu-system-mipsel -hda hda.qcow \
-M malta \
-kernel vmlinux-4.9.0-3-4kc-malta \
-initrd initrd.gz \
-m 512 \
-nographic \
-append "root=/dev/sda1 nokaslr"
Note: vmlinux-4.9.0-3-4kc-malta is the file copied from the VM in the previous step and NOT the original one downloaded from ftp.debian.org. It will likely have a slightly different name. It is the name used in the nc step at the end of installation, described in the prior step.
References