MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c93ef576c334a86acdf149d762584dbe865503475c7052db7dfef513298d6334. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Threat unknown


Vendor detections: 5



SHA256 hash: c93ef576c334a86acdf149d762584dbe865503475c7052db7dfef513298d6334
SHA3-384 hash: dd795267f7a87e4f21c6188671b5f5e5f7091100280973072cdb6f42ea95758619902b83d8fdff950591d21b781c73f0
SHA1 hash: 75414136154dc2120909e18718007348730bea97
MD5 hash: ed1cf15cdad198943d553d4ad9410a68
humanhash: failed-johnny-delta-music
File name: dlr.mips
File size: 1'568 bytes
First seen: 2026-02-20 16:33:43 UTC
Last seen: 2026-02-21 14:12:32 UTC
File type: elf
MIME type: application/x-executable
ssdeep 24:AO47VYj5xyRQOhOycJ8THVOeIpX7lPqFW2U5S6Uh1:AO47Yzy8yzZGX7lSFzshUh1
TLSH T14F31440BD6540EE2C97B04FA41BB473D9BA5D4984B714F67DE18B1144A053B83C92D31
Magika elf
Reporter abuse_ch
Tags: elf

Intelligence


File Origin
# of uploads:
3
# of downloads:
71
Origin country:
DE
Vendor Threat Intelligence
No detections
Verdict:
Unknown
Threat level:
0/10
Confidence:
100%
Tags:
masquerade
Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
mips
Packer:
not packed
Botnet:
unknown
Number of open files:
0
Number of processes launched:
1
Processes remaining?
false
Remote TCP ports scanned:
not identified
Behaviour
no suspicious findings
Botnet C2s
TCP botnet C2(s):
not identified
UDP botnet C2(s):
not identified
Status:
terminated
Behavior Graph:
/usr/bin/sudo (pid 2818) -> execve -> /tmp/sample.bin (pid 2820)
Result
Threat name:
n/a
Detection:
unknown
Classification:
n/a
Score:
0 / 100
Threat name:
Linux.Trojan.Generic
Status:
Suspicious
First seen:
2026-02-20 16:28:12 UTC
File Type:
ELF32 Big (Exe)
AV detection:
3 of 23 (13.04%)
Threat level:
5/5
Result
Malware family:
n/a
Score:
3/10
Tags:
discovery
Behaviour
System Network Configuration Discovery
Writes file to tmp directory
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

elf c93ef576c334a86acdf149d762584dbe865503475c7052db7dfef513298d6334

(this sample)

  
Delivery method
Distributed via web download
