MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3
SHA3-384 hash: f09359ae770b6de8173dbd71c87d7e74b0d7248893770ef2c14b271fa6f9ac6a21cd551a1763d2cd248d5ec32bf7f4ed
SHA1 hash: b7405111cb0aa4d9dfb5715433851cd0fc4471b3
MD5 hash: f2030e6606d02e9a548075f77d754e4c
humanhash: spaghetti-georgia-sierra-colorado
File name:power
Download: download sample
Signature Mirai
Create hunting rule
File size:91'412 bytes
First seen:2025-11-28 18:31:27 UTC
Last seen:2025-11-28 20:42:54 UTC
File type: elf
MIME type:application/x-executable
ssdeep 1536:a2CDqM/L22Wt1a3aRmsccfq0ofp3XFfaGKfpri:tg27NOpF7Khri
TLSH T165934D02B71C0953C1F75DF02E3F6BE1D3EAAA9021F4D584351EAA4682B1E72954BDCE
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
3
# of downloads :
76
Origin country :
DE DE
Vendor Threat Intelligence
Result
Verdict:
Suspicious
Maliciousness:

Behaviour
Opens a port
Runs as daemon
Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6929eaaf2cd29ea63002ff5b/reports/6c3b34f0-e13c-4d67-aa36-72c0f3ef1dd3/overview
Result
Gathering data
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/b2439bb8-37e8-44c9-8203-f67b412e2d19
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1822351
Signature
Antivirus / Scanner detection for submitted sample
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1822351 Sample: power.elf Startdate: 28/11/2025 Architecture: LINUX Score: 48 15 109.202.202.202, 80 INIT7CH Switzerland 2->15 17 91.189.91.42, 443 CANONICAL-ASGB United Kingdom 2->17 19 2 other IPs or domains 2->19 21 Antivirus / Scanner detection for submitted sample 2->21 7 power.elf 2->7         started        9 dash rm 2->9         started        11 dash rm 2->11         started        signatures3 process4 process5 13 power.elf 7->13         started       
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3/
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-11-28 18:24:06 UTC
File Type:
ELF32 Big (Exe)
AV detection:
4 of 36 (11.11%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=u3derhi7qrg3hsccwv6dmfjvazndbavuefkxngyd7jtmeay33szq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/251128-w6n9zazmfr/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/33738ebd-5c95-4e33-8845-ef04f2588fc3
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf a6c6489d1f844db3c842b57c361535065a3082b42155769b03fa66c2031bdcb3

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3718787/
  
Delivery method
Distributed via web download

Comments