MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 4

Intelligence 4 IOCs YARA File information Comments

SHA256 hash:	252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7
SHA3-384 hash:	936d78bd45fc714eb9dff459ac470befa5ed871dad10690e421672639f8606f92249a4c3f6071b4f423f8b904ce79ee9
SHA1 hash:	d3440b9ac5697551b6a648b4ac3c1f37739f40e0
MD5 hash:	cbacf401e106265382525f2556e4262a
humanhash:	massachusetts-louisiana-oranges-rugby
File name:	SecuriteInfo.com.Linux.DownLoader.576.17566.25859
Download:	download sample
Signature	Mirai Create hunting rule
File size:	1'180 bytes
First seen:	2021-07-12 22:35:35 UTC
Last seen:	Never
File type:	elf
MIME type:	application/x-executable
ssdeep	24:FlCPgMoJ5ZdWfWlSZa6KZBI21uaFT5oGYszaruQ4KNfpz:fCIxvZMfWl0a6cK21VFT5oszuH4KN1
TLSH	T17D21CE67B6D8ED32DB6101BBA281AF4B275889A16927FF078E644812EC396C5C531378
telfhash	t142a002612f4f44bcb7d0224c2d06405145cd34f7175131d474b0770937d59455871510
Reporter	SecuriteInfoCom
Tags:	elf mirai

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Linux.DownLoader.576.17566.25859.UNOFFICIAL

Verdict:

Malicious

Uses P2P?:

false

Uses anti-vm?:

false

Architecture:

x86

Packer:

not packed

Botnet:

unknown

Number of open files:

Number of processes launched:

Processes remaning?

false

Remote TCP ports scanned:

not identified

Full report:

https://elfdigest.com/brief/252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7

Behaviour

no suspicious findings

Botnet C2s

TCP botnet C2(s):

not identified

UDP botnet C2(s):

not identified

Malware family:

Mirai

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/8d7f0d8f-2a38-49b9-b1ef-8aeb90dd1225

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7/

Threat name:

Linux.Trojan.Mirai

Status:

Malicious

First seen:

2021-07-12 21:36:39 UTC

AV detection:

10 of 28 (35.71%)

Threat level:

5/5

Result

Malware family:

n/a

Score:

1/10

Tags:

linux

Link:

https://tria.ge/reports/210712-bf9ln9d97n/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.20

Link:

https://yomi.yoroi.company/submissions/252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 252225d276aa64ced5402b0fffe6c21793d079926c3ae2ba80f4fa4eacf5d3f7

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/1448388/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample