MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 678d2387c449051e7ea87dd27cf8528106298c6f262cb7a1e5c6ffee8326a4dd. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 7



SHA256 hash: 678d2387c449051e7ea87dd27cf8528106298c6f262cb7a1e5c6ffee8326a4dd
SHA3-384 hash: 5799bd3c9f66efc307b2f7022cf2a66189aedcd9b4da7073ed343737e0e91cbe9eac9ca51e305f349df00ac9b08184bf
SHA1 hash: b023507b332c68d32b735a72a50e0e0922fae324
MD5 hash: 3e8cf804416e4627ca6ae63d82b292ab
humanhash: table-cup-spaghetti-video
File name: 3e8cf804416e4627ca6ae63d82b292ab
Signature: Mirai
File size: 46'416 bytes
First seen: 2021-07-22 14:48:09 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 768:PqPo2Ap9tDjGuqPDkj9o1uDuTA3nRqM+7ojxed1VCFEn/OXwCVy/zmJHUhG1jewU:CPDC7jnqwj9KTAYrd+Gn/FzVLS1S2
TLSH: T1DD23E9C27891AE29C7D057BBEE6F018E3354A798D1EA7353C8240B947ACA90F0D57F46
telfhash: t11fe07d00ec758b188cd79a74ad9d07b4d901221254574b10cf10d6f4d83f448f30cd5a
Reporter: zbetcheckin
Tags: 32 arm elf mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 121
Origin country: n/a
Vendor Threat Intelligence
Verdict: Malicious
Uses P2P?: false
Uses anti-vm?: false
Architecture: arm
Packer: not packed
Botnet: unknown
Number of open files: 0
Number of processes launched: 0
Processes remaining?: false
Remote TCP ports scanned: not identified
Behaviour: no suspicious findings
Botnet C2s
TCP botnet C2(s): not identified
UDP botnet C2(s): not identified
Result
Verdict: MALICIOUS
Result
Threat name: Unknown
Detection: malicious
Classification: n/a
Score: 48 / 100
Signature: Multi AV Scanner detection for submitted file
Threat name: Linux.Trojan.Mirai
Status: Malicious
First seen: 2021-07-22 14:49:05 UTC
AV detection: 24 of 45 (53.33%)
Threat level: 5/5
Result
Malware family: n/a
Score: 1/10
Tags: linux
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai elf 678d2387c449051e7ea87dd27cf8528106298c6f262cb7a1e5c6ffee8326a4dd (this sample)

Delivery method: Distributed via web download

Comments



zbet commented on 2021-07-22 14:48:10 UTC

url : hxxp://195.133.40.108/AB4g5/Josho.arm5