MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 10

Intelligence 10 IOCs YARA File information Comments

SHA256 hash:	12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1
SHA3-384 hash:	6c0e7c1815450f754325259a040757d849fef13b3a9f91a9981f610c26314a767981ab2b6ae394f7a82f8281a09a9f63
SHA1 hash:	026812057bfea3737fd77e1eb79c2db7d2c4bafb
MD5 hash:	554e4c0e84ae76bb492fcd30f9fe8cbd
humanhash:	high-east-nevada-georgia
File name:	boatnet.arm5
Download:	download sample
Signature	Mirai Create hunting rule
File size:	18'504 bytes
First seen:	2024-03-10 17:21:55 UTC
Last seen:	Never
File type:	elf
MIME type:	application/x-executable
ssdeep	384:XfNj/tDtPlPwr2CmOoHjFaurN3OJo0hymdGUop5h56I:JVMrBmTHwuxH0s3Uoznn
TLSH	T1B882C0312066ACB0E1B04131EEBA8A8662EF9339F2F171B65D1041B4FB861A665F47C7
TrID	50.1% (.) ELF Executable and Linkable format (Linux) (4022/12) 49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Reporter	elfdigest
Tags:	mirai

Intelligence

File Origin

# of uploads :

1

# of downloads :

241

Origin country :

DE

Vendor Threat Intelligence

Detection(s):

Unix.Trojan.Mirai-8274771-0

Result

Verdict:

Malware

Maliciousness:

Verdict:

Malicious

Threat level:

10/10

Confidence:

100%

Tags:

anti-debug masquerade mirai packed upx

Link:

https://www.filescan.io/uploads/65edec3d83a3efb188d00f25/reports/ae56141d-5ec3-46a6-9252-6fa50a5efb74/overview

Result

Verdict:

MALICIOUS

Malware family:

Mirai

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/4b337f6b-ddfc-4366-ac2e-4125f8c5685a

Result

Threat name:

Mirai

Detection:

malicious

Classification:

troj.evad

Score:

68 / 100

Link:

https://www.joesandbox.com/analysis/1406169

Signature

Malicious sample detected (through community Yara rule)

Multi AV Scanner detection for submitted file

Sample is packed with UPX

Yara detected Mirai

Behaviour

Behavior Graph:

Score:

100%

Verdict:

Malware

File Type:

ELF

Link:

https://malprob.io/report/12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1/

Threat name:

Linux.Trojan.Mirai

Status:

Malicious

First seen:

2024-03-10 14:34:27 UTC

File Type:

ELF32 Little (Exe)

AV detection:

18 of 24 (75.00%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=clpyneeghjwvoz5gq7k4tbkkvvckz3wuxz6dxmlb26n5bsaeqpqq._file

Result

Malware family:

mirai

Score:

10/10

Tags:

family:mirai botnet:lzrd botnet upx

Link:

https://tria.ge/reports/240310-vxjgpaha68/

Behaviour

Mirai

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf 12df8690863a6d5767a687d5c9854aad44aceed4be7c3bb161d79bd0c80483e1

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/2765225/

Delivery method

Distributed via web download

URLhaus

https://urlhaus.abuse.ch/url/2775728/

URLhaus

https://urlhaus.abuse.ch/url/2765227/

URLhaus

https://urlhaus.abuse.ch/url/2775726/

URLhaus

https://urlhaus.abuse.ch/url/2771404/

URLhaus

https://urlhaus.abuse.ch/url/2771401/

URLhaus

https://urlhaus.abuse.ch/url/2779217/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample