MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f
SHA3-384 hash: cc4d1294fb7caea1501d64582670c8c6c13031e9185521db797d4f0fd5b6f47465484e3a48c6c878790da35a9bda0bfd
SHA1 hash: 7905b5bcec964bc2699bd0d622bd0832e3b70fb8
MD5 hash: 97adc5d60a52e7fc8f4f5cbbcff742d4
humanhash: harry-carolina-twelve-twenty
File name:Josho.spc
Download: download sample
Signature Mirai
Create hunting rule
File size:44'544 bytes
First seen:2026-01-09 07:53:48 UTC
Last seen:2026-01-09 09:38:38 UTC
File type: elf
MIME type:application/x-executable
ssdeep 768:s3oFqTq1I7pWfFeC00Ekk+8RogCzjEAFbgiGTO+LW8lwSGe:s3T21IVWfFa0Ekk+8RoxRFBmnz
TLSH T1B6133B30BA7A2E27C4D4A9BA52F34318B2F5535E56E8C71A3C720E4DFF5198065172F8
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
3
# of downloads :
103
Origin country :
DE DE
Vendor Threat Intelligence
Malware configuration found for:
Mirai
Details
Mirai
an XOR decryption key and at least a c2 socket address
Link:
https://research.acce.ciphertechsolutions.com/results/b9d8cd84-b4f2-41cd-9ca6-54e666290800/
Detection(s):
SecuriteInfo.com.Linux.Mirai.1651.16813.8210.UNOFFICIAL
Create hunting rule

Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Tags:
masquerade mirai
Link:
https://www.filescan.io/uploads/6960b4391a20a4c87b19a066/reports/b61c2b63-d9a3-4e68-9f4d-65ce18a57a07/overview
Result
Gathering data
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/401706bb-0282-40d6-bbdb-6a634b649e31
Behavior Graph:
Download SVG
%3 guuid=8d05ebb9-1900-0000-c187-7e0c8e090000 pid=2446 /usr/bin/sudo guuid=704b62bc-1900-0000-c187-7e0c95090000 pid=2453 /tmp/sample.bin guuid=8d05ebb9-1900-0000-c187-7e0c8e090000 pid=2446->guuid=704b62bc-1900-0000-c187-7e0c95090000 pid=2453 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/f5f2ebde-36db-4c36-a0ca-381c83d6af59
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1847125
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1847125 Sample: Josho.spc.elf Startdate: 09/01/2026 Architecture: LINUX Score: 48 18 87.121.112.123, 52528, 911 NETERRA-ASBG Bulgaria 2->18 20 185.125.190.26, 443 CANONICAL-ASGB United Kingdom 2->20 22 2 other IPs or domains 2->22 24 Multi AV Scanner detection for submitted file 2->24 8 Josho.spc.elf 2->8         started        10 dash rm 2->10         started        12 dash rm 2->12         started        signatures3 process4 process5 14 Josho.spc.elf 8->14         started        process6 16 Josho.spc.elf 14->16         started       
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f/
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-01-09 07:40:41 UTC
File Type:
ELF32 Big (Exe)
AV detection:
15 of 36 (41.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=kxd23kx544q7jqzzn3tfugcfkrbnobubvaxk3w37fjnir4obpmxq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/260109-jrs86ady7c/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/474a9146-b9ac-417d-a64a-8341b3f75a2a
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 55c7adaafde721f4c3396ee65a18455442d70681a82eaddb7f2a5a88f1c17b2f

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3754089/
  
Delivery method
Distributed via web download

Comments