MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a
SHA3-384 hash:	9cb63045b5f0d7275069fd20a42673c53dbbf3ae33822b3c30e973d8fde915afa289b446ed5acea2a66ee7633dbd7f40
SHA1 hash:	e512daf44e0a5eda8137a0a9de536ceef75d9ef9
MD5 hash:	37bcae6793e6ab6b11d48cccc03faa9f
humanhash:	seven-spaghetti-connecticut-delaware
File name:	arm5-20220323-0742
Download:	download sample
Signature	Mirai Create hunting rule
File size:	22'384 bytes
First seen:	2022-03-23 07:42:04 UTC
Last seen:	2022-03-23 08:11:03 UTC
File type:	elf
MIME type:	application/x-executable
ssdeep	384:xhR/WyZ6LTUcj0VzJXDa9oWnuBQLwV277t+Vbm4aMtW9XhymdGUop5hBPS:xhRp6LRKJXDa5uyLw47abAsQs3UozPPS
TLSH	T171A2D0256AD65C3BC1F148B66E38C64C634819B9D3F43B3670D815BEFA8360752797C2
Reporter	tolisec
Tags:	mirai

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

n/a

Vendor Threat Intelligence

Detection(s):

Unix.Trojan.Mirai-8274771-0

Verdict:

Likely Malicious

Threat level:

7.5/10

Confidence:

100%

Tags:

anti-debug

Link:

https://www.filescan.io/uploads/623acf690cd58dbd92dde554/reports/ff8cb199-f992-4481-8263-ab47298625ad/overview

Verdict:

Malicious

Uses P2P?:

false

Uses anti-vm?:

false

Architecture:

arm

Packer:

UPX

Botnet:

136.144.41.60

Number of open files:

Number of processes launched:

Processes remaning?

false

Remote TCP ports scanned:

not identified

Full report:

https://elfdigest.com/brief/db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a

Behaviour

no suspicious findings

Botnet C2s

TCP botnet C2(s):

not identified

UDP botnet C2(s):

not identified

Result

Verdict:

UNKNOWN

Malware family:

Mirai

Verdict:

Malicious

Link:

https://analyze.intezer.com/analyses/dba68f75-a2ac-4150-ae10-a54e0270f64f

Result

Threat name:

Unknown

Detection:

malicious

Classification:

evad

Score:

52 / 100

Link:

https://www.joesandbox.com/analysis/962786

Behaviour

Behavior Graph:

n/a

Detection:

mirai

Link:

https://mwdb.cert.pl/sample/db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a/

Threat name:

Linux.Trojan.Mirai

Status:

Malicious

First seen:

2022-03-23 07:42:15 UTC

File Type:

ELF32 Little (Exe)

AV detection:

15 of 25 (60.00%)

Threat level:

5/5

Result

Malware family:

n/a

Score:

1/10

Tags:

linux

Link:

https://tria.ge/reports/220323-jjqhashfg5/

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Legit

Score:

0.23

Link:

https://yomi.yoroi.company/submissions/db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf db8eab52e45cc2142640b8a143fc0010419fb5fdc8d531966d0b9a0ccc43541a

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/2094842/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample