YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash ff6e653830dd718cad5634acbacbf071bd298ed008ded2396afda9328691f974.

Scan Results

SHA256 hash: ff6e653830dd718cad5634acbacbf071bd298ed008ded2396afda9328691f974
File size:170'476 bytes
File download: Original
MIME type:application/x-executable
MD5 hash: 4e27198d8e0928ae44695c6cc3de8645
SHA1 hash: 6ce66f348591293984590079de8daeba7cfb67be
SHA3-384 hash: 976c0f031e17c33d0985bc97d2a0fd9b050a686d84fc3adad28480a3cb7fc5090daae4f39e9156f22002d0078b3611f3
First seen:2025-12-26 18:09:35 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 3072:h+O9+iJkUCFx6K5S1Us7Lyn5SXlFR/9Nb41d42+UHJaW7UVFZT:h+FSX51Nb4X4/UHAIUV3T
TLSH :n/a
telfhash : t1f3212393cb500bcc37e08389c19d962f90b571ed235a141e9da62a8f9962dc17515836
Create hunting rule
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:096b3acc-e286-11f0-9df4-42010aa4000b
File name:ff6e653830dd718cad5634acbacbf071bd298ed008ded2396afda9328691f974.elf
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:ELF_Toriilike_persist
Create hunting rule
Author:4r4
Description:Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference:Identified via researched data
TLP:TLP:WHITE
Repository:YARAify
Rule name:Linux_Generic_Threat_d94e1020
Create hunting rule
Author:Elastic Security
TLP:TLP:WHITE
Repository:elastic

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.