YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926.

Scan Results


SHA256 hash: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926
File size: 123'556 bytes
MIME type: application/x-executable
MD5 hash: b392b602829cafc94f5b33448027d9bb
SHA1 hash: f06053478b18dfbbd1d532ade460c771fef33f0f
SHA3-384 hash: c2fba5b63d62735a5827e6fc63d1f80449fc2b28376d404d19d60da2f9d620ef240414ab8913151595aa5a3f06d628e9
First seen: 2026-01-10 08:35:02 UTC
Last seen: 2026-01-10 08:38:02 UTC
Sightings: 5
imphash: n/a
ssdeep: 3072:6vQdQOJOA8nc+ckNDBcyJAkv/VRvLkV4j:6vQvJOA8LltqyrZoKj
TLSH: n/a
telfhash: t17a41a0faeea209ecb3c0d801d6ce6725dd29d26b355430fe05b127a032f205094b9c35
gimphash: n/a
dhash icon: n/a

Tasks


There are 5 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information


Task ID: ad15906a-edff-11f0-9df4-42010aa4000b
File name: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926
Task parameters: ClamAV scan: True; Unpack: True; Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: ELF_Toriilike_persist
Author: 4r4
Description: Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference: Identified via researched data
TLP: TLP:WHITE
Repository: YARAify

Rule name: Linux_Trojan_Mirai_cc93863b
Author: Elastic Security
TLP: TLP:WHITE
Repository: elastic

Rule name: unixredflags3
Author: Tim Brown @timb_machine
Description: Hunts for UNIX red flags
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID: 985e3adb-edff-11f0-9df4-42010aa4000b
File name: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926.elf
Task parameters: ClamAV scan: True; Unpack: False; Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: ELF_Toriilike_persist
Author: 4r4
Description: Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference: Identified via researched data
TLP: TLP:WHITE
Repository: YARAify

Rule name: Linux_Trojan_Mirai_cc93863b
Author: Elastic Security
TLP: TLP:WHITE
Repository: elastic

Rule name: unixredflags3
Author: Tim Brown @timb_machine
Description: Hunts for UNIX red flags
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID: 89654301-edff-11f0-9df4-42010aa4000b
File name: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926
Task parameters: ClamAV scan: True; Unpack: True; Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: ELF_Toriilike_persist
Author: 4r4
Description: Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference: Identified via researched data
TLP: TLP:WHITE
Repository: YARAify

Rule name: Linux_Trojan_Mirai_cc93863b
Author: Elastic Security
TLP: TLP:WHITE
Repository: elastic

Rule name: unixredflags3
Author: Tim Brown @timb_machine
Description: Hunts for UNIX red flags
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID: 658a60f5-edff-11f0-9df4-42010aa4000b
File name: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926
Task parameters: ClamAV scan: True; Unpack: True; Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: ELF_Toriilike_persist
Author: 4r4
Description: Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference: Identified via researched data
TLP: TLP:WHITE
Repository: YARAify

Rule name: Linux_Trojan_Mirai_cc93863b
Author: Elastic Security
TLP: TLP:WHITE
Repository: elastic

Rule name: unixredflags3
Author: Tim Brown @timb_machine
Description: Hunts for UNIX red flags
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.

Task Information


Task ID: 41fe4b4e-edff-11f0-9df4-42010aa4000b
File name: 293a3a492aef65a88cf5434ee66ad55875deb66885871c9199296e707fb17926
Task parameters: ClamAV scan: True; Unpack: True; Share file: True

ClamAV Results


The file matched the following open source and commercial ClamAV rules.

YARA Results


Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name: ELF_Toriilike_persist
Author: 4r4
Description: Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference: Identified via researched data
TLP: TLP:WHITE
Repository: YARAify

Rule name: Linux_Trojan_Mirai_cc93863b
Author: Elastic Security
TLP: TLP:WHITE
Repository: elastic

Rule name: unixredflags3
Author: Tim Brown @timb_machine
Description: Hunts for UNIX red flags
TLP: TLP:WHITE
Repository: MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files


The following files could be unpacked from this sample.