MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 6


Intelligence 6 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d
SHA3-384 hash: 1a1a5eaf20a095422130116a7cc11512f0ed0fa93953637f83643c9110b599ef45ea7bc5b0e8cb52f581870a8bc7790c
SHA1 hash: cb8f32c46a5b319b1ea10f8a3b27a27d6edc4c8f
MD5 hash: 00c038cc43595ee199a534be912756bb
humanhash: idaho-sierra-emma-princess
File name:rondo.sparc
Download: download sample
Signature Mirai
Create hunting rule
File size:130'064 bytes
First seen:2025-12-23 01:29:40 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 3072:eA6aB4HbrJL+LTawaiHRE8SUti/1512gqNDlY1rxNt9Ey86:eAvBY339EH6
TLSH T1B8D36B22F47E591BC5C491B752F74736E1F2634960BC4A0E3D630E8CBF6169022A77AE
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
110
Origin country :
DE DE
Vendor Threat Intelligence
No detections
Verdict:
Likely Malicious
Threat level:
  7.5/10
Confidence:
100%
Tags:
gafgyt mirai
Link:
https://www.filescan.io/uploads/6949f0af3f8fdbf8e94f58fc/reports/5f3cc548-7525-4cea-9525-3e4ed4aa8db5/overview
Verdict:
Malicious
File Type:
elf.32.be
First seen:
2025-12-22T23:44:00Z UTC
Last seen:
2025-12-24T20:23:00Z UTC
Hits:
~10
Link:
https://opentip.kaspersky.com/cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/dfef0d07-376d-4623-8603-1e68cca0b934
Behavior Graph:
Download SVG
%3 guuid=9ddf3faf-1700-0000-b0ac-ffd4ee0b0000 pid=3054 /usr/bin/sudo guuid=00c5c9b1-1700-0000-b0ac-ffd4f90b0000 pid=3065 /tmp/sample.bin guuid=9ddf3faf-1700-0000-b0ac-ffd4ee0b0000 pid=3054->guuid=00c5c9b1-1700-0000-b0ac-ffd4f90b0000 pid=3065 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/19e5a955-ed29-4163-8b3b-29612c7439d5
Result
Threat name:
n/a
Detection:
clean
Classification:
n/a
Score:
1 / 100
Link:
https://www.joesandbox.com/analysis/1838004
Behaviour
Behavior Graph:
n/a
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d/
Threat name:
Linux.Backdoor.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-12-23 01:30:37 UTC
File Type:
ELF32 Big (Exe)
AV detection:
10 of 24 (41.67%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=zvu7yp5krp5n2jl2sowcwjnud7qe6jabomczivxiodvifa4kk4oq._file
Result
Malware family:
n/a
Score:
  1/10
Tags:
linux
Link:
https://tria.ge/reports/251223-bw7ckssnhz/
Verdict:
Unknown
Tags:
n/a
YARA:
n/a
Link:
https://app.threat.zone/submission/7767f710-864d-4ace-b30c-05666b46be56
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf cd69fc3faa8bfadd257a93ac2b25b41fe04f240173059456e870ea82838a571d

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3736091/
  
Delivery method
Distributed via web download

Comments