MB-f148152a7c83d04b0ccc180802f1cb33369ef17cb6f17d330ca8eec549a62644
high
📛 Threat Title
Mirai: iran.armv4l
Description
File type: elf. Size: 129568 bytes. Tags: elf, Mirai. Reporter: abuse_ch. First seen: 2026-06-13 15:09:57.
Remediations (10)
-
web:any.run
Online sandbox report for armv4l, tagged as auto, mirai , botnet, verdict: Malicious activity
-
web:dailysecurityreview.com
The Mirai botnet, a notorious piece of malware, launched devastating DDoS attacks in 2016. This blog post delves into its origins, spread, impact, and the ongoing threat it represents, providing crucial information on mitigating Mirai botnet risks.
-
web:github.com
This repository contains the leaked source code of the Mirai botnet, originally created to infect IoT devices and launch large-scale DDoS attacks. This code is provided strictly for cybersecurity research, reverse engineering, malware analysis, and detection development purposes only.
-
web:github.com
Contribute to malol01/cross-compiler-for- mirai -archive development by creating an account on GitHub.
-
web:urlhaus.abuse.ch
Payload delivery The table below documents all payloads that URLhaus retrieved from this particular URL.
-
web:urlhaus.abuse.ch
Payload delivery The table below documents all payloads that URLhaus retrieved from this particular URL.
-
web:westoahu.hawaii.edu
A botnet called Mirai infected hundreds of thousands of Internet of Things (IoT) devices, amassing a wide network of compromised devices. Mitigations against the Mirai botnet involve taking proactive security measures, properly hardening systems, and updating to the latest software to reduce the risk of compromise.
-
web:www.joesandbox.com
Uses the "uname" system call to query kernel version information (possible evasion)
-
web:www.joesandbox.com
Found malware configuration Multi AV Scanner detection for submitted file Yara detected Gafgyt Yara detected Mirai iran.armv4l.elf started dash rm
-
web:www.quorumcyber.com
Mirai initially infected and weaponised devices such as smart cameras and Realtek routers2. The botnet variant was created in a racketeering attempt by the cofounders of Protraf Solutions, an organisation offering DDoS mitigation services.
Indicators of Compromise (3)
Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal. Click one to expand.
hash_sha256
f148152a7c83d04b0ccc180802f1cb33369ef17cb6f17d330ca8eec549a62644
IOC database
- Type
- hash_sha256
- Value
f148152a7c83d04b0ccc180802f1cb33369ef17cb6f17d330ca8eec549a62644- First seen
- Last seen
- Attached to this threat
- Appears in
- 1 threat
- Description
- Mirai
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC. Open the IOC page to query VirusTotal.
hash_sha1
6d3be4d4be77983ac318b47421c8f647b59dc18d
IOC database
- Type
- hash_sha1
- Value
6d3be4d4be77983ac318b47421c8f647b59dc18d- First seen
- Last seen
- Attached to this threat
- Appears in
- 1 threat
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC. Open the IOC page to query VirusTotal.
hash_md5
7f71496207e9879601eb7b246867e535
IOC database
- Type
- hash_md5
- Value
7f71496207e9879601eb7b246867e535- First seen
- Last seen
- Attached to this threat
- Appears in
- 1 threat
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC. Open the IOC page to query VirusTotal.
References (1)
-
MalwareBazaar sample page
Abuse.ch
File type: elf. Size: 129568 bytes. Tags: elf, Mirai. Reporter: abuse_ch. First seen: 2026-06-13 15:09:57.
AI Forensic Analysis
Only Available for Registered Users. Sign in to view.