MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 98a4cade937c06972cc9fea3ae709671a184a521663b455916d522d4b5d0b0a0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 12



SHA256 hash: 98a4cade937c06972cc9fea3ae709671a184a521663b455916d522d4b5d0b0a0
SHA3-384 hash: c68f26987574542b77d0a92a84f31b42a7bc36ebef5855340ada44cd69b6edd4c981d15bcfc650d969b5bdbaae2042e3
SHA1 hash: 5b017e0600556e46bc71edd7e61435163d3cd392
MD5 hash: 6a761808fd9ef943bc91d8da695b2ea8
humanhash: green-maine-timing-equal
File name: m68k
Signature: Mirai
File size: 73'524 bytes
First seen: 2025-01-09 11:46:44 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 1536:awW0PKt9cwxjQ/ZIXIdZzN3TD8Utia84GLf84Eo5WOK+7c4R6yN:awsg3dZzN3FtijjESWBryN
TLSH: T155732ADAB800DEBCF40ADAB68557490BF531A3518E930F36662BFD837D720A44D27D86
Magika: elf
Reporter: abuse_ch
Tags: elf mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 128
Origin country: DE
Vendor Threat Intelligence
Verdict: Likely Malicious
Threat level: 7.5/10
Confidence: 100%
Tags: anti-debug lolbin remote

Result
Verdict: MALICIOUS

Result
Threat name:
Detection: malicious
Classification: troj
Score: 64 / 100
Signature:
Antivirus / Scanner detection for submitted sample
Multi AV Scanner detection for submitted file
Yara detected Mirai

Behaviour
[Behavior graph, ID 1586644. Sample: m68k.elf; Startdate: 09/01/2025; Architecture: LINUX; Score: 64. Network nodes: 13.12.31.115 (XEROX-WVUS, United States); 13.19.25.63, 23 (XEROX-WVUS, United States); 98 other IPs or domains. Process nodes: dash rm m68k.elf; dash rm; m68k.elf.]

Threat name: Linux.Trojan.Mirai
Status: Malicious
First seen: 2025-01-09 12:08:16 UTC
AV detection: 24 of 38 (63.16%)
Threat level: 5/5

Result
Malware family:
Score: 10/10
Tags: family:mirai botnet:wicked linux

Verdict: Malicious
Tags: Unix.Trojan.Mirai-6981989-0

YARA: n/a
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Delivery method: Distributed via web download

Comments