MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 10


Intelligence 10 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5
SHA3-384 hash: 871cbf4a10b01007fad2bb50b16e2db9efd10f2c343fa5cbc1f461daee5a9bf90777cbbb1762db2add90f9f5fe4a8de8
SHA1 hash: 0e399ecaac03940a472090f0defbf4d81705951e
MD5 hash: 633274aa9a46707cc70e035413730bb9
humanhash: connecticut-low-aspen-fifteen
File name:boatnet.spc
Download: download sample
Signature Mirai
Create hunting rule
File size:54'184 bytes
First seen:2026-02-17 19:14:43 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:yoKR+dWhoDDkFm7nMGWU3NAIZotohCJvM+AEMO+VziNxd:yFvhmkFFG33NAIZotUXVWd
TLSH T11A334B21FA391A27C0E4B47A12F7832AB1F6479F90A8C74E7D320E8EFF1499055975B1
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
50
Origin country :
DE DE
Vendor Threat Intelligence
Malware configuration found for:
Mirai
Details
Mirai
an XOR decryption key and at least a c2 socket address
Link:
https://research.acce.ciphertechsolutions.com/results/2e6c98de-fe84-41a9-a70e-c5f0e964149a/
Detection(s):
Unix.Dropper.Mirai-7136013-0
Create hunting rule

Unix.Trojan.Mirai-8025795-0
Create hunting rule

Unix.Trojan.Mirai-9858729-0
Create hunting rule

Unix.Trojan.Mirai-10058922-0
Create hunting rule

Unix.Trojan.Mirai-10059005-0
Create hunting rule

Result
Gathering data
Verdict:
Malicious
File Type:
elf.32.be
Detections:
HEUR:Backdoor.Linux.Mirai.b
Link:
https://opentip.kaspersky.com/927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/0863e2ba-a6e2-4e71-a968-e589238b9077
Behavior Graph:
Download SVG
%3 guuid=d9ed969f-1600-0000-c6ff-91eee70f0000 pid=4071 /usr/bin/sudo guuid=39a587a1-1600-0000-c6ff-91eeee0f0000 pid=4078 /tmp/sample.bin guuid=d9ed969f-1600-0000-c6ff-91eee70f0000 pid=4071->guuid=39a587a1-1600-0000-c6ff-91eeee0f0000 pid=4078 execve
Malware family:
Mirai
Create hunting rule
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/210e37ec-d944-4100-8732-be9ad38eab19
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5/
Verdict:
Malicious
Threat:
Family.MIRAI
Link:
https://tip.neiki.dev/file/927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-02-17 13:54:48 UTC
File Type:
ELF32 Big (Exe)
AV detection:
22 of 36 (61.11%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=sj53tvx7cwg42zkv344qktwbei7b2dg3cxj57ykngwl5bh627tcq._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai botnet:lzrd linux
Link:
https://tria.ge/reports/260217-xyeagaaw2h/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 927bb9d6ff158dcd6555df39054ec1223e1d0cdb15d3dfe14d3597d09fdafcc5

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3779308/
  
Delivery method
Distributed via web download

Comments