MB-ab692299315151ffe9be66b9e33dc27dd80e30fd92f0ea798fee2fcac0356db0
high
📛 Threat Title
Mirai: nova.sh4
Description
File type: elf. Size: 142876 bytes. Tags: elf, Mirai. Reporter: abuse_ch. First seen: 2026-06-18 06:53:27.
Remediations (8)
-
web:dailysecurityreview.com
A Mirai malware botnet is leveraging a zero-day vulnerability (CVE-2024-11120) in outdated GeoVision devices to deploy malware, potentially for DDoS attacks or cryptomining. Thousands of vulnerable devices are exposed online.
-
web:github.com
Contribute to bfeeney6/Mirai-Botnet-Mitigation- development by creating an account on GitHub.
-
web:github.com
This repository contains the leaked source code of the Mirai botnet, originally created to infect IoT devices and launch large-scale DDoS attacks. This code is provided strictly for cybersecurity research, reverse engineering, malware analysis, and detection development purposes only.
-
web:westoahu.hawaii.edu
A botnet called Mirai infected hundreds of thousands of Internet of Things (IoT) devices, amassing a wide network of compromised devices. Mitigations against the Mirai botnet involve taking proactive security measures, properly hardening systems, and updating to the latest software to reduce the risk of compromise.
-
web:www.akamai.com
Akamai has uncovered two zero-day vulnerabilities that are being actively exploited to spread a Mirai variant in the wild. Read on for details and mitigation.
-
web:www.joesandbox.com
General Information Sample name: nova.sh4.elf Analysis ID: 1835173 Has dependencies: false MD5: 88885e1ddf5f445d614116c10fd7db28 SHA1 ...
-
web:www.joesandbox.com
Warnings Connection to analysis system has been lost, crash info: Unknown Report size exceeded maximum capacity and may have missing behavior information.
-
web:www.quorumcyber.com
Mirai initially infected and weaponised devices such as smart cameras and Realtek routers. The botnet variant was created in a racketeering attempt by the cofounders of Protraf Solutions, an organisation offering DDoS mitigation services.
Indicators of Compromise (3)
Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal.
hash_sha256
ab692299315151ffe9be66b9e33dc27dd80e30fd92f0ea798fee2fcac0356db0
IOC database
- Type: hash_sha256
- Value: ab692299315151ffe9be66b9e33dc27dd80e30fd92f0ea798fee2fcac0356db0
- First seen
- Last seen
- Attached to this threat
- Appears in: 2 threats
- Description: Mirai
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC.
hash_sha1
377f522124486782f7c42b8271bdd1dc5e7c0928
IOC database
- Type: hash_sha1
- Value: 377f522124486782f7c42b8271bdd1dc5e7c0928
- First seen
- Last seen
- Attached to this threat
- Appears in: 1 threat
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC.
hash_md5
03e07737f076ac26dca15effec273b14
IOC database
- Type: hash_md5
- Value: 03e07737f076ac26dca15effec273b14
- First seen
- Last seen
- Attached to this threat
- Appears in: 2 threats
- Description: URLhaus payload hash attributed to Mirai
Threat Hunt — feed corroboration
Not present in any configured threat-intel feed.
Details From VirusTotal
No VirusTotal details cached for this IOC.
References (1)
-
MalwareBazaar sample page
Abuse.ch