MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2
SHA3-384 hash: ccd26f9f25f9740d982728a16a7fa5489eb8888de82fc1c7a32f4a41f3d167a3871798cd8d2a8a6fbe8778ccfb7ca1c9
SHA1 hash: 9b44897ca78b0e22b3c822605fa26ae12b9f0454
MD5 hash: 6b6a28c8828b1eb6ce3adeadeab30800
humanhash: alaska-pennsylvania-beer-robert
File name:boatnet.m68k
Download: download sample
Signature Mirai
Create hunting rule
File size:53'024 bytes
First seen:2026-02-17 06:16:40 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 1536:qN477eh2D9fV7HgEgc8eh1gBUxCWQ1v7d:qU9fFHgxGu5W+J
TLSH T1CE332AD6B5029DBCF95BEBBA8413460AF531B7561083063763BBFC53AC361A44E23D85
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
57
Origin country :
DE DE
Vendor Threat Intelligence
Malware configuration found for:
Mirai
Details
Mirai
an XOR decryption key and at least a c2 socket address
Link:
https://research.acce.ciphertechsolutions.com/results/9978aaa9-0670-46a7-aa08-e90ea7472a0d/
Detection(s):
Unix.Trojan.Mirai-6981989-0
Create hunting rule

Unix.Dropper.Mirai-7136013-0
Create hunting rule

Unix.Trojan.Mirai-8025795-0
Create hunting rule

Unix.Trojan.Mirai-9858729-0
Create hunting rule

Unix.Trojan.Mirai-9940650-0
Create hunting rule

Unix.Trojan.Mirai-10018298-0
Create hunting rule

Unix.Trojan.Mirai-10058922-0
Create hunting rule

Unix.Trojan.Mirai-10059005-0
Create hunting rule

Verdict:
Malicious
File Type:
elf.32.be
Detections:
HEUR:Backdoor.Linux.Mirai.b
Link:
https://opentip.kaspersky.com/8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/61e4b4d9-ab23-47b4-b72b-f86f6bf0e9c3
Behavior Graph:
Download SVG
%3 guuid=f11d6907-1b00-0000-842e-05c36a0a0000 pid=2666 /usr/bin/sudo guuid=1bca0c09-1b00-0000-842e-05c36f0a0000 pid=2671 /tmp/sample.bin guuid=f11d6907-1b00-0000-842e-05c36a0a0000 pid=2666->guuid=1bca0c09-1b00-0000-842e-05c36f0a0000 pid=2671 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/89f463ee-aa9b-4537-a72d-53f61df21626
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2/
Verdict:
Malicious
Threat:
Family.MIRAI
Link:
https://tip.neiki.dev/file/8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-02-17 03:08:40 UTC
File Type:
ELF32 Big (Exe)
AV detection:
24 of 38 (63.16%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=rnh6hmoka6r7x7d5bordhnwnz35ckkdjtydgq7p4jwxi3nteddra._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai botnet:lzrd linux
Link:
https://tria.ge/reports/260217-g158zahv2c/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 8b4fe3b1ca07a3fbfc7d0ba233b6cdcefa2528699e06687dfc4dae8db66418e2

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3779310/
  
Delivery method
Distributed via web download

Comments