MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6
SHA3-384 hash: ea595afef1b4ffc6bb1afe1c2bc2ef981e8298024d428c4f3f3c421e563face02ac44044d2760e012f7ddb6863542eb0
SHA1 hash: 91c77a56875e3970e2de0aa48ff9bae5611626b1
MD5 hash: 5930acc444ec73da425d3cc844f8dfbf
humanhash: sad-snake-march-five
File name:Aqua.ppc
Download: download sample
Signature Mirai
Create hunting rule
File size:59'103 bytes
First seen:2025-06-09 21:17:24 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:9Bty4/dAdJSjPrfahWYOcTRyN1gRtbsxxMkpTSWNoKfnTFpXurwMfWKuH3PPc:sGARugQzzOGppec4qs
TLSH T10C434B0236280E57D19209B42A3E67F583FEE4A125F4B788194F971587B6E7F148AFCC
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
128
Origin country :
DE DE
Vendor Threat Intelligence
Detection(s):
Unix.Trojan.Mirai-10012201-0
Create hunting rule

Verdict:
Clean
Score:
82.2%
Link:
https://cyber-fortress.com/docs/result/index.php?id=68474f958bd5d68a12e72862linux22vpnfull_triage
Tags:
n/a
Result
Verdict:
Malware
Maliciousness:
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/478a873a-5290-4fb1-b36d-29cae0370896
Result
Threat name:
n/a
Detection:
malicious
Classification:
n/a
Score:
48 / 100
Link:
https://www.joesandbox.com/analysis/1710294
Signature
Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Download SVG
behaviorgraph top1 dnsIp2 2 Behavior Graph ID: 1710294 Sample: Aqua.ppc.elf Startdate: 09/06/2025 Architecture: LINUX Score: 48 12 109.202.202.202, 80 INIT7CH Switzerland 2->12 14 91.189.91.42, 443 CANONICAL-ASGB United Kingdom 2->14 16 2 other IPs or domains 2->16 18 Multi AV Scanner detection for submitted file 2->18 6 dash rm 2->6         started        8 dash rm 2->8         started        10 Aqua.ppc.elf 2->10         started        signatures3 process4
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6
Detection:
n/a
Link:
https://mwdb.cert.pl/sample/d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6/
Threat name:
Linux.Backdoor.Mirai
Create hunting rule
Status:
Malicious
First seen:
2025-06-09 21:18:11 UTC
File Type:
ELF32 Big (Exe)
AV detection:
11 of 24 (45.83%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=2dhohfkdzo26w477mlb6xf4qblignuiewxiy2corhhdgagb77dla._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai linux
Link:
https://tria.ge/reports/250609-z5mxaswnv2/
Verdict:
Malicious
Tags:
Unix.Trojan.Mirai-10012201-0
YARA:
n/a
Link:
https://app.threat.zone/submission/53ea31bf-8da4-49f3-bcca-0912195703b5
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Mirai
Score:
0.90
Link:
https://yomi.yoroi.company/submissions/d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf d0cee39543cbb5eb73ff62c3eb97900ad066d104b5d18d09d139c660183ff8d6

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3333317/
  
Delivery method
Distributed via web download

Comments