MalwareBazaar Database

You are currently viewing the MalwareBazaar entry for SHA256 fe707501646d5e73c30e4f9271bcf7f06075e323636faf136ec1135f4b77f25e. While MalwareBazaar tries to identify whether the sample provided is malicious or not, there is no guarantee that a sample in MalwareBazaar is malicious.

Database Entry



Mirai


Vendor detections: 11



SHA256 hash: fe707501646d5e73c30e4f9271bcf7f06075e323636faf136ec1135f4b77f25e
SHA3-384 hash: d7f9242d501d2776ff3e2f903a9ff2a60d17ea246aba42dad16eb2237a84b22be5ec8c02cabd5741908845994a16472c
SHA1 hash: 9caf2f353f269f0e5fcd32b043377879b50bf6d2
MD5 hash: 82933cc1d07d97f14e877f5978aef4ae
humanhash: thirteen-ten-ink-kitten
File name: fentdips
Signature: Mirai
File size: 60'692 bytes
First seen: 2026-01-10 12:23:56 UTC
Last seen: Never
File type: elf
MIME type: application/x-executable
ssdeep: 768:N3ZvA1j0RmDWu0ahhhBp8lQvIRLIgzp832uM2EWJBraRcV/RKs3o6SyQ1J0:5Z6jwxuSlQvIZIgzp83vHzto6p
TLSH: T18E53D80E5E218FFCFB98C63497778D21A358378637E1D585D1ACE6015EA028E241FFA8
telfhash: t18df0125c8cb853b45b364d99191ddfbbe5a230de07266c374f21b979ad6d8428e00c0c
Magika: elf
Reporter: abuse_ch
Tags: elf mirai

Intelligence


File Origin
# of uploads: 1
# of downloads: 64
Origin country: DE
Vendor Threat Intelligence
Malware configuration found for: Mirai
Details: Mirai (an XOR decryption key and at least a c2 socket address)
Result
Verdict: Malware
Maliciousness:

Behaviour
Connection attempt
Sends data to a server
Receives data from a server
Runs as daemon
Opens a port
Substitutes an application name
Verdict: Unknown
Threat level: 0/10
Confidence: 100%
Tags: mirai

Verdict: Malicious
File Type: elf.32.be
First seen: 2026-01-10T09:29:00Z UTC
Last seen: 2026-01-10T16:04:00Z UTC
Hits: ~10
Detections: HEUR:Backdoor.Linux.Mirai.b
Status: terminated
Behavior Graph: /usr/bin/sudo (pid=5226) -> execve -> /tmp/sample.bin (pid=5227)
Result
Threat name: n/a
Detection: malicious
Classification: n/a
Score: 48 / 100
Signature: Multi AV Scanner detection for submitted file
Behaviour
Behavior Graph:
Behavior Graph ID: 1847870; Sample: fentdips.elf; Startdate: 10/01/2026; Architecture: LINUX; Score: 48
Network: 87.121.112.123, 53410, 666 (NETERRA-ASBG, Bulgaria); 109.202.202.202, 80 (INIT7CH, Switzerland); 3 other IPs or domains
Signature: Multi AV Scanner detection for submitted file
Processes: fentdips.elf started -> fentdips.elf started -> fentdips.elf started; dash rm started; dash rm started
Threat name: Linux.Worm.Mirai
Status: Malicious
First seen: 2026-01-10 12:24:32 UTC
File Type: ELF32 Big (Exe)
AV detection: 11 of 24 (45.83%)
Threat level: 5/5
Result
Malware family:
Score: 10/10
Tags: family:mirai defense_evasion discovery
Behaviour
System Network Configuration Discovery
Changes its process name
Modifies Watchdog functionality
Please note that we are no longer able to provide a coverage score for Virus Total.

File information


The table below shows additional information about this malware sample such as delivery method and external references.

Web download

Mirai

elf fe707501646d5e73c30e4f9271bcf7f06075e323636faf136ec1135f4b77f25e

(this sample)

  
Delivery method: Distributed via web download

Comments