MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry


Mirai


Vendor detections: 9


Intelligence 9 IOCs YARA File information Comments
Download sample Add tag Delete this sample Report a False Positive

SHA256 hash: fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8
SHA3-384 hash: 28051304dce82ebadbcb73ce31ab5e6f5f98015344d5489cdbab8a99cca99cce00c8931ec91e7674d5cdcda62e43c66d
SHA1 hash: 63858e23f4fe5d299964822ccc62858fc6159295
MD5 hash: 19dcc357724e3748a3c05740c7aecd22
humanhash: shade-rugby-green-snake
File name:boatnet.spc
Download: download sample
Signature Mirai
Create hunting rule
File size:54'184 bytes
First seen:2026-02-17 06:16:39 UTC
Last seen:Never
File type: elf
MIME type:application/x-executable
ssdeep 768:GVoh3lDBFm6t+deWU3xwIZotohqJvM+AEMO+VziNxd:GVItBF4de33xwIZotYXVWd
TLSH T1A6334A21F9790A27C0D4B1BA12FB832AB1F6479F50A8C74D7D320E8EFF1499059A75B0
Magika elf
Reporter abuse_ch
Tags:elf mirai

Intelligence

File Origin
# of uploads :
1
# of downloads :
48
Origin country :
DE DE
Vendor Threat Intelligence
Malware configuration found for:
Mirai
Details
Mirai
an XOR decryption key and at least a c2 socket address
Link:
https://research.acce.ciphertechsolutions.com/results/7aa71f20-8a36-47cd-bc17-89859065ca01/
Detection(s):
Unix.Dropper.Mirai-7136013-0
Create hunting rule

Unix.Trojan.Mirai-8025795-0
Create hunting rule

Unix.Trojan.Mirai-9858729-0
Create hunting rule

Unix.Trojan.Mirai-10058922-0
Create hunting rule

Unix.Trojan.Mirai-10059005-0
Create hunting rule

Verdict:
Unknown
Threat level:
  0/10
Confidence:
100%
Tags:
masquerade
Link:
https://www.filescan.io/uploads/699407f3c9bfb60ece208739/reports/0cc23dcf-7908-4f95-804a-4d938416c117/overview
Result
Gathering data
Verdict:
Malicious
File Type:
elf.32.be
Detections:
HEUR:Backdoor.Linux.Mirai.b
Link:
https://opentip.kaspersky.com/fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8/results?tab=lookup
Status:
terminated
Link:
https://sandbox.kunai.rocks/analysis/fedb4499-de80-4b71-b302-c2f023156471
Behavior Graph:
Download SVG
%3 guuid=12aaaf2a-1a00-0000-a7e5-8c3176080000 pid=2166 /usr/bin/sudo guuid=d8d15c2d-1a00-0000-a7e5-8c317e080000 pid=2174 /tmp/sample.bin guuid=12aaaf2a-1a00-0000-a7e5-8c3176080000 pid=2166->guuid=d8d15c2d-1a00-0000-a7e5-8c317e080000 pid=2174 execve
Verdict:
Unknown
Link:
https://analyze.intezer.com/analyses/3e6f7878-45ed-4661-a942-4e748b7fd255
Score:
100%
Verdict:
Malware
File Type:
ELF
Link:
https://malprob.io/report/fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8
Detection:
mirai
Create hunting rule
Link:
https://mwdb.cert.pl/sample/fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8/
Verdict:
Malicious
Threat:
Family.MIRAI
Link:
https://tip.neiki.dev/file/fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8
Threat name:
Linux.Worm.Mirai
Create hunting rule
Status:
Malicious
First seen:
2026-02-17 03:08:31 UTC
File Type:
ELF32 Big (Exe)
AV detection:
22 of 36 (61.11%)
Threat level:
  5/5
Detection(s):
Suspicious file
Link:
https://check.spamhaus.org/check/?searchterm=7loqbqfwol4r45i73s63grltgpovq6nlpt5j6gd6hp6hyzmjjkua._file
Result
Malware family:
mirai
Create hunting rule
Score:
  10/10
Tags:
family:mirai botnet:lzrd linux
Link:
https://tria.ge/reports/260217-g158zahv2b/
Please note that we are no longer able to provide a coverage score for Virus Total.
Threat name:
Legit
Score:
0.00
Link:
https://yomi.yoroi.company/submissions/fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8

File information

The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf fadd00c0b672f91e751fdcbdb3457333dd5879ab7cfa9f187e3bfc7c65894aa8

(this sample)

  
URLhaus
https://urlhaus.abuse.ch/url/3779308/
  
Delivery method
Distributed via web download

Comments