MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 796c8a73d6364875c5257356c51d80f507093ac8a447c86a3250e4eec2fbafa9. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 9



SHA256 hash: 796c8a73d6364875c5257356c51d80f507093ac8a447c86a3250e4eec2fbafa9
SHA3-384 hash: 25dbcaf0a875f1b6b1d6b0310fa000ab1d3913109bfe7472efd473cc8658cc90baa22fe1b4ec1c3c5b113c2b8e68d828
SHA1 hash: 7be7ebdf95ac4a4a87bfa68d973ac714a1d616ed
MD5 hash: 91e97f6c63960df69a263165467bade6
humanhash: delaware-item-rugby-grey
File name: spc
Signature: Mirai
File size: 88'500 bytes
First seen: 2025-11-09 01:22:54 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 1536:y/nd6kOh/FU5cdwyLbx9Bt/bUOt5JQHgo8wtchMGe:ogkO/TwqRll/URV
TLSH: T14A833A22B93A1E27C5C0687B22F34725F2F6538A25F8CA1E7D620D4EBF2565031876F5
Magika: elf
Reporter: abuse_ch
Tags: elf mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 133
Origin country: DE
Vendor Threat Intelligence
Verdict: Unknown
Threat level: 0/10
Confidence: 100%
Tags: gafgyt mirai
Verdict: Malicious
File Type: elf.32.be
First seen: 2025-11-08T22:28:00Z UTC
Last seen: 2025-11-08T23:07:00Z UTC
Hits: ~10
Detections: HEUR:Backdoor.Linux.Mirai.b
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=3209) -> execve -> /tmp/sample.bin (pid=3210)
Result
Threat name: n/a
Detection: malicious
Classification: n/a
Score: 48 / 100
Signature: Multi AV Scanner detection for submitted file
Threat name: Linux.Worm.Mirai
Status: Malicious
First seen: 2025-11-09 01:23:17 UTC
File Type: ELF32 Big (Exe)
AV detection: 13 of 24 (54.17%)
Threat level: 5/5
Result
Malware family:
Score: 10/10
Tags: family:mirai linux
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 796c8a73d6364875c5257356c51d80f507093ac8a447c86a3250e4eec2fbafa9

(this sample)

  
Delivery method
Distributed via web download
