MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 7


Intelligence 7 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0
SHA3-384 hash: f923a664e00864176f32e54cdad516275d3ae34738c2e43afb331c058fbe7cb0454946e215563b5b79230d9f9241a69d
SHA1 hash: 5ad1abb1393c75143137c3f3811411c31aca89d4
MD5 hash: 05a687bed5d64b2a41f322c48390dfd9
humanhash: red-massachusetts-mississippi-bravo
File name:cutesparc
Download: download sample
Signature Mirai
Create hunting rule
File size:51'528 bytes
First seen:2025-06-15 21:55:20 UTC
Last seen:2025-06-16 21:40:05 UTC
File type: elf
MIME type:application/x-executable
ssdeep 768:L8fRFyblPS015Q+bN2xUf6hAPZO+75ezmsnc1tsI4:gfRQblPS0154cVB75eets/
TLSH T182332A31B5624923C4D2593A12E7063AF5F28A8E5CF8873B7DD10F58FFA4A442193EE5
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
2
# of downloads :
81
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
Unix.Trojan.Mirai-9854559-0
Create hunting rule

Unix.Trojan.Mirai-9885101-0
Create hunting rule

Unix.Malware.Mirai-9896989-0
Create hunting rule

Unix.Trojan.Mirai-9899908-0
Create hunting rule

Verdict:
Clean
Score:
82.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=684f415f8bd5d68a12e8b885linux22vpnfull_triage
Tags:
n/a
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/5c85672f-4b1e-4560-b7b0-61e50e949945
Behavior Graph:
Download SVG
%3 guuid=c4584b33-1900-0000-40c6-d7802d080000 pid=2093 /usr/bin/sudo guuid=f355a835-1900-0000-40c6-d78034080000 pid=2100 /tmp/sample.bin guuid=c4584b33-1900-0000-40c6-d7802d080000 pid=2093->guuid=f355a835-1900-0000-40c6-d78034080000 pid=2100 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/ae1865c1-fa3d-4113-aa44-881276bf7acb
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1714989
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1714989 Sample: cutesparc.elf Startdate: 15/06/2025 Architecture: LINUX Score: 48 26 103.149.252.178, 44664, 5683 DVS-AS-VNVIETDIGITALTECHNOLOGYLIABILITYCOMPANYVN unknown 2->26 28 Multi AV Scanner detection for submitted file 2->28 10 cutesparc.elf 2->10         started        signatures3 process4 process5 12 cutesparc.elf 10->12         started        process6 14 cutesparc.elf 12->14         started        process7 16 cutesparc.elf sh 14->16         started        18 cutesparc.elf sh 14->18         started        process8 20 sh mv 16->20         started        22 sh chmod 16->22         started        24 sh mkdir 18->24         started       
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0/
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-06-15 21:56:19 UTC
File Type:
ELF32 Big (Exe)
AV detection:
25 of 38 (65.79%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=vfwf4gmvvg53363uksyczcvx7rp5xp53duma6b3pznjqd3iy7hqa._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai linux
Link:
https://tria.ge/reports/250615-1s7llssr12/
Verdict:
Malicious
Tags:
Unix.Trojan.Mirai-9854559-0
YARA:
n/a
Link:
https://app.threat.zone/submission/2d815a6c-78a9-4233-b1ce-7089826aaff5
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf a96c5e1995a9bbbdfb7454b02c8ab7fc5fdbbfbb1d180f076fcb5301ed18f9e0

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3562364/
  
Delivery method
Distributed via web download
  
URLhaus
https://urlhaus.abuse.ch/url/3562379/

Comments