MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 10

Intelligence 10 IOCs YARA File information Comments

SHA256 hash:	617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3
SHA3-384 hash:	d3874167474a18f342f94b9b23f29ec86ccc412fa54c3a02101befe782c8e002325b784a93f95814b8b068bb1aa9c79b
SHA1 hash:	6ea6982c019b693fc8d31af1acd471982c29b878
MD5 hash:	7557d62880280f8bf25e1f6c37e18b4d
humanhash:	river-two-oscar-chicken
File name:	m68k
Download:	download sample
Signature	Mirai Create hunting rule
File size:	91'960 bytes
First seen:	2025-11-06 07:06:48 UTC
Last seen:	Never
File type:	elf
MIME type:	application/x-executable
ssdeep	1536:fGetBfp3Ed+S840WQhP2U8iQyMCF0UwKHVGzp/cQZ1Jl8tuETyri:fjbR3EEr41QhP2pyMCF9H09X8tuETyri
TLSH	T139934CE6FC01ED7EF40FDB7744574919B330A3A219931E3573A3BA17A8351A94863E82
Magika	elf
Reporter	abuse_ch
Tags:	elf mirai

Intelligence

File Origin

# of uploads :

1

# of downloads :

164

Origin country :

DE

Vendor Threat Intelligence

Detection(s):

Unix.Trojan.Mirai-6981989-0

Unix.Trojan.Gafgyt-7782058-0

Unix.Trojan.Mirai-9940650-0

Unix.Trojan.Mirai-10018298-0

Verdict:

Malicious

Threat level:

10/10

Confidence:

100%

Tags:

mirai

Link:

https://www.filescan.io/uploads/690c492154bd57cadc98f2ef/reports/e1ae1de2-d80d-41d6-993c-1ce29dffd28b/overview

Verdict:

Malicious

File Type:

elf.32.be

First seen:

2025-11-06T04:21:00Z UTC

Last seen:

2025-11-07T10:29:00Z UTC

Hits:

~10

Detections:

HEUR:Backdoor.Linux.Mirai.b

Link:

https://opentip.kaspersky.com/617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3/results?tab=lookup

Status:

terminated

Link:

https://sandbox.kunai.rocks/analysis/0d43099e-cb09-4186-ae79-ba79a115fea3

Behavior Graph:

Verdict:

Unknown

Link:

https://analyze.intezer.com/analyses/bb918650-9828-4ea6-bd56-9268740f7d01

Result

Threat name:

n/a

Detection:

malicious

Classification:

n/a

Score:

48 / 100

Link:

https://www.joesandbox.com/analysis/1809067

Signature

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Score:

100%

Verdict:

Malware

File Type:

ELF

Link:

https://malprob.io/report/617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3

Detection:

n/a

Link:

https://mwdb.cert.pl/sample/617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3/

Verdict:

Malicious

Threat:

Family.MIRAI

Link:

https://tip.neiki.dev/file/617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3

Threat name:

Linux.Worm.Mirai

Status:

Malicious

First seen:

2025-11-06 07:07:15 UTC

File Type:

ELF32 Big (Exe)

AV detection:

13 of 24 (54.17%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=mf74chtsb6w2q6iiuo6quhzjw6tnosf3fash4wcau22hjhdrb3rq._file

Result

Malware family:

mirai

Score:

10/10

Tags:

family:mirai linux

Link:

https://tria.ge/reports/251106-hxq6bagq41/

Verdict:

Malicious

Tags:

Unix.Trojan.Mirai-6981989-0

YARA:

n/a

Link:

https://app.threat.zone/submission/9acbbf6f-6cc0-4e26-9745-bbec094ffa1a

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.00

Link:

https://yomi.yoroi.company/submissions/617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf 617fc11e720fada87908a3bd0a1f29b7a6d748bb28247e5840a6b4749c710ee3

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3693011/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample