MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3
SHA3-384 hash: f093c30a736c3a53208f4c723c2c694160cefab4a91087ab3f535b6512902180fe1086fa3a794f4c7d7fe13cec68c4c4
SHA1 hash: 13fe9fd606ae8e0dd04f8b12c9e54da1760cb286
MD5 hash: 0922d4093f3c730b7c1c1bfc981040f0
humanhash: music-louisiana-lion-thirteen
File name:csk_arm
Download: download sample
Signature Mirai
Create hunting rule
File size:44'623 bytes
First seen:2026-02-03 23:59:28 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:Nj9qqQyNEn0boLS/++fS1ONlNwdo4YrX4NMahiq15mNu1tnxv5ykMmM:t9ptsiojLeNw246AFb/1tB5+mM
TLSH T17313C646AC918E6346D953FBFB6E01CD33262BA9D2DE7002DD115F543B8A96F0E37242
TrID 50.1% (.) ELF Executable and Linkable format (Linux) (4022/12)
49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
64
Origin country :
DE DE
Vendor Threat Intelligence
Malware configuration found for:
Mirai
Details
Link:
https://research.acce.ciphertechsolutions.com/results/fe8266db-3e1f-4513-842c-c7b0d7d618c0/
Result
Verdict:
Clean
Maliciousness:
Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Tags:
rust
Link:
https://www.filescan.io/uploads/69828c23930564ff3c8822e6/reports/2b458aad-f5ee-4c59-a8c9-30eb9081b8fd/overview
Verdict:
Malicious
Uses P2P?:
false
Uses anti-vm?:
false
Architecture:
arm
Packer:
not packed
Botnet:
unknown
Number of open files:
0
Number of processes launched:
0
Processes remaning?
false
Remote TCP ports scanned:
not identified
Full report:
https://elfdigest.com/brief/c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3
Behaviour
no suspicious findings
Botnet C2s
TCP botnet C2(s):
not identified
UDP botnet C2(s):
not identified
Result
Gathering data
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/816d94df-18de-48c6-bb61-c8c6641b4cbb
Behavior Graph:
Download SVG
%3 guuid=c5acb2ce-1b00-0000-e436-f6af900c0000 pid=3216 /usr/bin/sudo guuid=62b194d1-1b00-0000-e436-f6af910c0000 pid=3217 /tmp/sample.bin guuid=c5acb2ce-1b00-0000-e436-f6af900c0000 pid=3216->guuid=62b194d1-1b00-0000-e436-f6af910c0000 pid=3217 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/5f60dff8-1f42-4f76-b583-316aa6dc4b0b
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1862892
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3/
Verdict:
Malicious
Threat:
Family.MIRAI
Link:
https://tip.neiki.dev/file/c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3
Threat name:
Linux.Backdoor.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-02-04 00:00:34 UTC
File Type:
ELF32 Little (Exe)
AV detection:
8 of 36 (22.22%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zfcyt75ureafcu5zesk35nxbz6g6qzqnnssd3akwfcm5dgueiwzq._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai
Link:
https://tria.ge/reports/260204-aamklset9c/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf c94589ffb489005153b92495beb6e1cf8de8660d6ca43d81562899d19a8445b3

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3759696/
  
Delivery method
Distributed via web download

Comments