MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 5


Intelligence 5 IOCs YARA File information Comments 1
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: 9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945
SHA3-384 hash: 3299a95e56c9c92610f60cba336beb40675587f4923f2d80cfa12d5b8482514e13b0444004d27f266b9a165ef8126a72
SHA1 hash: fc8158d7e5a7cffb4b2c799992c3abe26cfa344e
MD5 hash: 6fcfa2492ac431e7bc6d41b5bc613c0f
humanhash: fish-table-enemy-oregon
File name:6fcfa2492ac431e7bc6d41b5bc613c0f
Download: download sample
Signature Mirai
Create hunting rule
File size:71'528 bytes
First seen:2021-07-14 13:02:33 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:QxNCJ0EYlDYhHnrwqsFDwLX3U6ngBhN6PNUpGXS5SyeweVKe0n3oNWpkmPqXitMF:QxNCJBYlZFwwjhwPTXSNxIKzn6CpC
TLSH T16263A506BF214FF7DCAFDD3749A91B05258C640B21A97B397E34D828F64A24F19E3860
Reporter zbetcheckin
Tags:32 elf mips mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
103
Origin country :
n/a
Vendor Threat Intelligence
Detection(s):
Unix.Dropper.Mirai-7135890-0
Create hunting rule

Unix.Dropper.Mirai-7135939-0
Create hunting rule

Unix.Dropper.Mirai-7136025-0
Create hunting rule

Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
mips
Packer:
not packed
Botnet:
unknown
Number of open files:
7
Number of processes launched:
1
Processes remaning?
false
Remote TCP ports scanned:
not identified
Full report:
https://elfdigest.com/brief/9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945
Behaviour
no suspicious findings
Botnet C2s
TCP botnet C2(s):
not identified
UDP botnet C2(s):
not identified
Malware family:
Mirai
Create hunting rule
Verdict:
Malicious
Link:
https://analyze.intezer.com/analyses/83493473-3fec-411e-ae7d-b5e049a66ed2
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945/
Threat name:
Linux.Trojan.Mirai
Create hunting rule
Status:
Malicious
First seen:
2021-07-14 13:03:04 UTC
AV detection:
25 of 46 (54.35%)
Threat level:
  5/5
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/210714-s7d4kl2nye/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.20
Link:
https://yomi.yoroi.company/submissions/9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf 9b74dff20bfa0a7fc3e6a57bcaa279327dbc5078bfa93fffa55cd2ec5e522945

(this sample)

  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/1453726/
  
URLhaus
https://urlhaus.abuse.ch/url/1454110/
  
URLhaus
https://urlhaus.abuse.ch/url/1446581/
  
URLhaus
https://urlhaus.abuse.ch/url/1453705/
  
URLhaus
https://urlhaus.abuse.ch/url/1453689/
  
URLhaus
https://urlhaus.abuse.ch/url/1453683/

Comments


Avatar
zbet commented on 2021-07-14 13:02:34 UTC

url : hxxp://46.166.185.38/AB4g5/Josho.mpsl