MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry

Mirai

Vendor detections: 7

Intelligence 7 IOCs YARA File information Comments

SHA256 hash:	ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0
SHA3-384 hash:	dd8fb55f40c5ebd09edecf821dec807d9b2d0beb46ca221e5aaf0b89e324e89c95e084a1678364f38ebae45ee4369fdc
SHA1 hash:	a4dad77b9c531dba3fb9d85090dc757f83b9d6c1
MD5 hash:	f7ff9707143a0a53fb22bddde8af4bf0
humanhash:	ten-robin-red-idaho
File name:	dlr.spc
Download:	download sample
Signature	Mirai Create hunting rule
File size:	1'256 bytes
First seen:	2025-02-11 15:02:04 UTC
Last seen:	2025-02-11 15:48:56 UTC
File type:	elf
MIME type:	application/x-executable
ssdeep	24:3TddDq3N0yTK+59kwV8MA/OlhCrjSkvyeJ9l6vNTawq10:3WVT3RV8MmDvJ9YNuf0
TLSH	T19021023BFBBB871BC494903A0EA323103724D88C0019D33ABB627A4EEC526516E961F0
TrID	50.1% (.) ELF Executable and Linkable format (Linux) (4022/12) 49.8% (.O) ELF Executable and Linkable format (generic) (4000/1)
Magika	elf
Reporter	abuse_ch
Tags:	elf mirai

Intelligence

File Origin

# of uploads :

# of downloads :

Origin country :

Vendor Threat Intelligence

Detection(s):

SecuriteInfo.com.Linux.DownLoader.535.17738.19919.UNOFFICIAL

Verdict:

Clean

Score:

70%

Link:

https://cyber-fortress.com/docs/result/index.php?id=67ab6704f667f46cd1830955linux22vpnfull_triage

Tags:

n/a

Verdict:

Unknown

Threat level:

0/10

Confidence:

100%

Tags:

masquerade

Link:

https://www.filescan.io/uploads/67ab66baa116e377e79bb63f/reports/d96466ac-93cc-4fda-9fde-b0f9860f3698/overview

Result

Verdict:

UNKNOWN

Verdict:

Unknown

Link:

https://analyze.intezer.com/analyses/668a8540-f30e-4356-a41f-f6bae6912d60

Result

Threat name:

n/a

Detection:

malicious

Classification:

n/a

Score:

48 / 100

Link:

https://www.joesandbox.com/analysis/1612184

Signature

Multi AV Scanner detection for submitted file

Behaviour

Behavior Graph:

Download SVG

Score:

100%

Verdict:

Malware

File Type:

ELF

Link:

https://malprob.io/report/ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0

Detection:

mirai

Link:

https://mwdb.cert.pl/sample/ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0/

Threat name:

Linux.Backdoor.Mirai

Status:

Malicious

First seen:

2025-02-11 15:03:12 UTC

File Type:

ELF32 Big (Exe)

AV detection:

10 of 24 (41.67%)

Threat level:

5/5

Detection(s):

Suspicious file

Link:

https://check.spamhaus.org/check/?searchterm=54apz6inxpzhibtuvfbvo2i4aekzb7rltuyjnuzpdy6k6fmk7sqa._file

Result

Malware family:

n/a

Score:

1/10

Tags:

linux

Link:

https://tria.ge/reports/250211-seqryayjam/

Verdict:

Unknown

Tags:

n/a

YARA:

n/a

Link:

https://app.threat.zone/submission/c7862a16-4f7e-4756-8d7b-55fead90bcec

Please note that we are no longer able to provide a coverage score for Virus Total.

Threat name:

Mirai

Score:

0.90

Link:

https://yomi.yoroi.company/submissions/ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf ef00fcf90dbbf2740674a94357691c011590fe2b9d3096d32f1e3caf158afca0

(this sample)

URLhaus

https://urlhaus.abuse.ch/url/3436179/

Delivery method

Distributed via web download

Comments

Login required

You need to login to in order to write a comment. Login with your abuse.ch account.

No comments found for this malware sample