MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Threat unknown


Vendor detections: 8


Intelligence 8 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68
SHA3-384 hash: 440dff3fd4c6f272c3f778cd73a934c450183da0fe376bf1f5ef33efdde6fb5308c48831f6364283bd31266da9114631
SHA1 hash: 41f097c2c95cf6ed71b6f8867ab454b8f519b099
MD5 hash: ce156f5a371e22307832ecbab6c6b582
humanhash: coffee-violet-east-wolfram
File name:spim
Download: download sample
File size:98'176 bytes
First seen:2025-03-30 07:51:59 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 1536:mVqSjUF+uLHLVdiLzLsLzLsL7LeLGLXL0LLLkLhqqvZjptByZEGkbU+/pWacxZkj:tr9dy1Bj
TLSH T137A3FC2E6E217FADF6A8823107F62FB0D35A12D732E1D385D1ADD6105EB424C189FB94
Magika elf
Reporter abuse_ch
Tags:elf

Intelligence

File Origin
# of uploads :
1
# of downloads :
59
Origin country :
DE DE
Vendor Threat Intelligence
Verdict:
Clean
Score:
99.9%
Link:
https://cyber-fortress.com/docs/result/index.php?id=67e8f9aa855e5ec5240a0697linux22vpnfull_triage
Tags:
n/a
Result
Verdict:
Clean
Maliciousness:
Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
mips
Packer:
not packed
Botnet:
unknown
Number of open files:
0
Number of processes launched:
1
Processes remaning?
false
Remote TCP ports scanned:
not identified
Full report:
https://elfdigest.com/brief/918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68
Behaviour
no suspicious findings
Botnet C2s
TCP botnet C2(s):
not identified
UDP botnet C2(s):
not identified
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/031c99e3-b89f-4354-bf18-8f0532bb63b1
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1652108
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68/
Threat name:
Linux.PUA.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-03-30 07:52:12 UTC
File Type:
ELF32 Big (Exe)
AV detection:
11 of 24 (45.83%)
Threat level:
  1/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=sgf7y5a57iwx7a7f4p6jnby4toh2ba6unl7hfjsbzjlzsbs4rzua._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
n/a
Link:
https://tria.ge/reports/250330-jqf77sttdy/
Verdict:
Malicious
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/bde00ee9-4756-4908-8153-aa16d1b38d64
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Malicious File
Score:
1.00
Link:
https://yomi.yoroi.company/submissions/918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf 918bfc741dfa2d7f83e5e3fc96871c9b8fa083d46afe72a641ca5799065c8e68

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3475093/
  
Delivery method
Distributed via web download

BLint

The following table provides more information about this file using BLint. BLint is a Binary Linter to check the security properties, and capabilities in executables.

Findings
IDTitleSeverity
CHECK_NXMissing Non-Executable Memory Protectioncritical
CHECK_PIEMissing Position-Independent Executable (PIE) Protectionhigh

Comments