MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655
SHA3-384 hash: f6e0b6c4032fb60679ee79ece8db11c4892fb8fcfde3c2b7874df4835d9b6f23b0f0ec61e6bb8ee97542710861751929
SHA1 hash: 334f68c18c2aa9956f27e4be5cbaa14d11d57398
MD5 hash: 80bbb42ff15905fb15b4979c56bf6b48
humanhash: speaker-fruit-oxygen-sad
File name:realpower
Download: download sample
Signature Mirai
Create hunting rule
File size:91'412 bytes
First seen:2025-11-28 18:31:30 UTC
Last seen:2025-11-28 20:43:12 UTC
File type: elf
MIME type:application/x-executable
ssdeep 1536:yHbWX1blOaygM7qtQfpBH0KtICXISSrBAr2:yiVkiM1pBfIuSrer2
TLSH T1FE934C02A71C0953D0E75DB02A3F5BF1D3A9679021E8D588290DEE4A93B5E72E147ECE
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
3
# of downloads :
83
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Detection(s):
SecuriteInfo.com.ELF.Mirai-CQT.94131316.UNOFFICIAL
Create hunting rule

Result
Verdict:
Suspicious
Maliciousness:

Behaviour
Runs as daemon
Opens a port
Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Link:
https://www.filescan.io/uploads/6929eab0d0d5e7288b4fab94/reports/5e137ade-8399-4192-aff8-5317f8c87083/overview
Verdict:
Unknown
File Type:
elf.32.be
First seen:
2025-11-28T15:47:00Z UTC
Last seen:
2025-11-28T16:35:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655/results?tab=lookup
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/35f3ca3a-e1be-4897-9904-012f627fef66
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1822352
Signature
Antivirus / Scanner detection for submitted sample
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 signatures2 2 Behavior Graph ID: 1822352 Sample: realpower.elf Startdate: 28/11/2025 Architecture: LINUX Score: 48 10 Antivirus / Scanner detection for submitted sample 2->10 6 realpower.elf 2->6         started        process3 process4 8 realpower.elf 6->8         started       
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655/
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-11-28 18:24:23 UTC
File Type:
ELF32 Big (Exe)
AV detection:
6 of 24 (25.00%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=xx2z6sukwxf3qrvfizgu2xcs7jc65ldrqq7uoic3humgdpp7wzkq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/251128-w6n9zazmgj/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/9b71ab95-9fde-42db-94b4-27ae6fece2f3
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf bdf59f4a8ab5cbb846a5464d4d5c52fa45eeac71843f47205b3d1861bdffb655

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3718789/
  
Delivery method
Distributed via web download

Comments