MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 3ddb530463e1b1efc9d05777ce76fc6fea4b51572e2737a5498533e8d6cb8b04. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 9



SHA256 hash: 3ddb530463e1b1efc9d05777ce76fc6fea4b51572e2737a5498533e8d6cb8b04
SHA3-384 hash: da1c9df50f027dfd59802a792212b6d575acdb2bf41fe9adb72e26be3f59bf5d59e5332b81198be52c39f749f26c9850
SHA1 hash: 0fa631ccaa3c102a33167c8ef996039b7abd4146
MD5 hash: 673b0f56787a4cce86711f6b9014ea64
humanhash: july-batman-eighteen-maryland
File name: 673b0f56787a4cce86711f6b9014ea64
Signature: Mirai
File size: 23'688 bytes
First seen: 2021-10-16 14:55:09 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 384:2qcCWu0ljABoC5D5lCSy9VIc2qRC70ZVUKCbZhRN/H+o0zmiR94121mdGU5EZ:vcCGjcoAy59uc2i1cKWrZ0zmiRms3U2
TLSH: T177B2D1200220B8F2C5D25E316EED4541633A2DE6E49BB55F263B1334E9D959B6CF8077
Reporter: zbetcheckin
Tags: 32 arm elf mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 161
Origin country: n/a
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: anti-debug
Verdict: Malicious
Uses P2P?: false
Uses anti-vm?: false
Architecture: arm
Packer: UPX
Botnet: unknown
Number of open files: 0
Number of processes launched: 0
Processes remaining?: false
Remote TCP ports scanned: not identified
Behaviour: no suspicious findings
Botnet C2s
TCP botnet C2(s): not identified
UDP botnet C2(s): not identified
Result
Verdict: MALICIOUS
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 48 / 100
Signature
Multi AV Scanner detection for submitted file
Threat name: Linux.Trojan.Mirai
Status: Malicious
First seen: 2021-10-16 14:56:06 UTC
AV detection: 15 of 45 (33.33%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: linux
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 3ddb530463e1b1efc9d05777ce76fc6fea4b51572e2737a5498533e8d6cb8b04

(this sample)

  
Delivery method
Distributed via web download

Comments



zbet commented on 2021-10-16 14:55:10 UTC

url : hxxp://45.148.10.245/lx/apep.arm5