MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44
SHA3-384 hash: efc9cf8c0d3062907e327f6e64c502397b6e24c2a47953ceba23da3419b19136f8f9326d251960106fe49d04d9245450
SHA1 hash: 8a8966b840a3a82e7ba7a8cd575d3746e3d8a5ee
MD5 hash: dddbbe4f81a55c515468f9b842ba66f8
humanhash: angel-spring-connecticut-fourteen
File name:rondo.powerpc
Download: download sample
Signature Mirai
Create hunting rule
File size:122'140 bytes
First seen:2025-12-21 07:36:31 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 1536:KOGw4q1GEDkQTZAYr/KI9qxmKYouPOGlSVhq8H0qmCycLe9r5SPznX5aZFZA:xGtNwf1+npCzlicpCVea75CA
TLSH T1F0C36C87B70C4E47E3A619F0263B33DA93EDD5D131F0A6482A4DBA4852B1D762085FDD
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
78
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
mirai
Link:
https://www.filescan.io/uploads/6947a3ab3f8fdbf8e94d66fe/reports/5f8dcfbc-5c5d-4c16-a50a-f2d691c36449/overview
Verdict:
Unknown
File Type:
elf.32.be
First seen:
2025-12-21T05:37:00Z UTC
Last seen:
2025-12-21T05:43:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/62e3841f-b434-4fea-a63c-8c391d39ac01
Behavior Graph:
Download SVG
%3 guuid=a479be06-1700-0000-5679-06a5820d0000 pid=3458 /usr/bin/sudo guuid=66681f09-1700-0000-5679-06a58c0d0000 pid=3468 /tmp/sample.bin guuid=a479be06-1700-0000-5679-06a5820d0000 pid=3458->guuid=66681f09-1700-0000-5679-06a58c0d0000 pid=3468 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/40846665-36ba-4feb-9f2a-05737f928da2
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
1 / 100
Link:
https://www.joesandbox.com/analysis/1836939
Behaviour
Behavior Graph:
n/a
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44/
Threat name:
Linux.Backdoor.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-12-21 07:37:15 UTC
File Type:
ELF32 Big (Exe)
AV detection:
8 of 24 (33.33%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=ck4ok73ok643k75rbd5svecras5m4thsdytudht3i5p6ewlox5ca._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/251221-jfz8bsspfp/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/f3e88f3e-0037-4a6b-a0a1-705e8d65941a
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 12b8e57f6e57b9b57fb108fb2a905104bace4cf21e27419e7b475fe2596ebf44

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3736081/
  
Delivery method
Distributed via web download

Comments