MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 5

Intelligence 5 IOCs YARA File information Comments

SHA256 hash:	bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667
SHA3-384 hash:	3f2c8d8c17ca871776e97011154df3ccbf345ed7821625bbc26470a2c874f675af1d281423aef9402d35191c0d0f1df2
SHA1 hash:	bca51980607ef8381b18d0ab4a01e378b0934674
MD5 hash:	6f15cdc9d2feda4f29b706ebd47b2336
humanhash:	kansas-montana-black-utah
File name:	6f15cdc9d2feda4f29b706ebd47b2336
Download:	download sample
Signature	Mirai Create hunting rule
File size:	26'184 bytes
First seen:	2021-06-15 20:06:35 UTC
Last seen:	Never
File type:	elf
MIME type:	application/x-executable
ssdeep	768:f2G214DFyosXqgvV9o1ndB08RfJgGlzDpbuR1Ju:f2GdDgosaaO1ndDdVJuE
TLSH	39C2E198174919E9D2F9C17D47B80B6D1CB40BAAF809DC8578F8F7629D8E4B43023ED9
Reporter	zbetcheckin
Tags:	32 elf mips mirai

Intelligence

File Origin

# of uploads :

# of downloads :

180

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

Unix.Trojan.Mirai-7846756-0

Verdict:

Malicious

Uses P2P?:

false

Uses anti-vm?:

false

Architecture:

mips

Packer:

UPX

Botnet:

Number of open files:

Number of processes launched:

Processes remaning?

true

Remote TCP ports scanned:

Full report:

https://elfdigest.com/brief/bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667

Behaviour

Process Renaming

Botnet C2s

TCP botnet C2(s):

107.172.249.3:1312

Result

Verdict:

UNKNOWN

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/79d3686a-2674-47e1-927a-f619579c7a60

Detection:

mirai

Link:

https://mwdb.cert.pl/sample/bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667/

Threat name:

Linux.Trojan.Mirai

Status:

Malicious

First seen:

2021-06-15 20:07:09 UTC

AV detection:

15 of 29 (51.72%)

Threat level:

5/5

Result

Malware family:

n/a

Score:

1/10

Tags:

linux

Link:

https://tria.ge/reports/210615-vd4vqh4v46/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Malicious File

Score:

1.00

Link:

https://yomi.yoroi.company/submissions/bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf bb3c220672d680e82993f3d702103826c1c69dcc0beaf3520f0204f420055667

(this sample)

Delivery method

Distributed via web download

URLhaus

https://urlhaus.abuse.ch/url/1370000/

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample