MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 4f3b6f2823037a0fb1640bbd47e1b0debe494c6d0aed22430254aaf18fbae393. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 11



SHA256 hash: 4f3b6f2823037a0fb1640bbd47e1b0debe494c6d0aed22430254aaf18fbae393
SHA3-384 hash: 1416b341562734c18d61281ca51d4edaa2d60fd94e811826d4a5f66b775a363eb38a9a3fa30df996268fc19ffe09c926
SHA1 hash: 254dea1ca01a55ea2aa33cccc4a9fc9cb8beca8c
MD5 hash: eda7fb4d91fe80eba0e745b028e96f9b
humanhash: iowa-papa-friend-fix
File name: bot.arm
Signature: Mirai
File size: 16'444 bytes
First seen: 2024-05-31 01:50:07 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 384:43ZjVkxCC1zH3QWIgCxHJIrS3kz6k+AEjsL4:SZCxC0gW1CxHEaw6TTsL4
TLSH: T19A72D083F0C03E4AE138A5372573B69BB60E1EA0443B451DD9EF66025E9748FE173AD5
TrID: 50.1% (.) ELF Executable and Linkable format (Linux) (4022/12)
49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Reporter: elfdigest
Tags: mirai

Intelligence


File Origin
# of uploads :
1
# of downloads :
102
Origin country :
DE
Vendor Threat Intelligence
Result
Verdict:
Malware
Maliciousness:
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
anti-debug masquerade packed upx
Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
arm
Packer:
UPX
Botnet:
176.97.210.246:80/bins
Number of open files:
45
Number of processes launched:
2
Processes remaining?
true
Remote TCP ports scanned:
not identified
Behaviour
Process Renaming
Botnet C2s
TCP botnet C2(s):
type:Mirai 176.97.210.246:56555
UDP botnet C2(s):
not identified
Result
Verdict:
MALICIOUS
Result
Threat name:
n/a
Detection:
malicious
Classification:
evad
Score:
52 / 100
Signature
Multi AV Scanner detection for submitted file
Sample is packed with UPX
Behaviour
Behavior Graph:
Threat name:
Linux.Trojan.Mirai
Status:
Malicious
First seen:
2024-05-31 01:51:06 UTC
File Type:
ELF32 Little (Exe)
AV detection:
16 of 24 (66.67%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  7/10
Tags:
upx
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 4f3b6f2823037a0fb1640bbd47e1b0debe494c6d0aed22430254aaf18fbae393

(this sample)

  
Delivery method
Distributed via web download

Comments