YARAify Scan Results

You are viewing the YARAify database entry for the file with the SHA256 hash 4619414cbf5414d014fa52c665708e4d567eaad2da38ded8671893351dfb74fa.

Scan Results

SHA256 hash: 4619414cbf5414d014fa52c665708e4d567eaad2da38ded8671893351dfb74fa
File size:117'968 bytes
File download: Original
MIME type:application/x-executable
MD5 hash: 0f8ef58735ff7ed882c626793df38b42
SHA1 hash: 844d8f6b69c38596d96decad1f68ef55cf87454a
SHA3-384 hash: 4e41809ccf914920e9a21b1065ce098247146228a1c3922dde5ebb8f4535b3333b3dda6850c6e358af70787a5b22fb34
First seen:2026-05-18 07:38:41 UTC
Last seen:Never
Sightings:1
imphash :n/a
ssdeep : 3072:w9urbdDS5HE6o/JO7B3OFp0FsC01h0q69:w94bdDS5E6t7S0FsJ1W9
TLSH :n/a
telfhash :n/a
gimphash :n/a
dhash icon :n/a

Tasks

There are 1 tasks on YARAify for this particular file. The 10 most recent ones are shown below.

Task Information

Task ID:979a30f4-528c-11f1-badc-42010aa4000b
File name:4619414cbf5414d014fa52c665708e4d567eaad2da38ded8671893351dfb74fa.elf
Task parameters:ClamAV scan:True
Unpack:False
Share file:True

ClamAV Results

The file matched the following open source and commercial ClamAV rules.

Signature:Sanesecurity.Malware.30435.LC.UNOFFICIAL
Create hunting rule
Signature:Unix.Dropper.Mirai-10007027-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7135897-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7135901-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7135909-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7135918-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7135954-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7136016-0
Create hunting rule
Signature:Unix.Dropper.Mirai-7136028-0
Create hunting rule
Signature:Unix.Trojan.Mirai-10009361-0
Create hunting rule
Signature:Unix.Trojan.Mirai-10059006-0
Create hunting rule
Signature:Unix.Trojan.Mirai-10059216-0
Create hunting rule
Signature:Unix.Trojan.Mirai-7100807-0
Create hunting rule
Signature:Unix.Trojan.Mirai-7135916-0
Create hunting rule
Signature:Unix.Trojan.Mirai-8025795-0
Create hunting rule
Signature:Unix.Trojan.Mirai-9441505-0
Create hunting rule

YARA Results

Static Analysis

The following YARA rules matched on the file (static analysis).

Rule name:ELF_Mirai
Create hunting rule
Author:NDA0E
Description:Detects multiple Mirai variants
TLP:TLP:WHITE
Repository:YARAify
Rule name:ELF_Toriilike_persist
Create hunting rule
Author:4r4
Description:Detects Torii IoT Botnet (stealthier Mirai alternative)
Reference:Identified via researched data
TLP:TLP:WHITE
Repository:YARAify
Rule name:linux_generic_ipv6_catcher
Create hunting rule
Author:@_lubiedo
Description:ELF samples using IPv6 addresses
TLP:TLP:WHITE
Repository:Stratosphere
Rule name:Mirai_Botnet_Malware
Create hunting rule
Author:Florian Roth (Nextron Systems)
Description:Detects Mirai Botnet Malware
Reference:Internal Research
TLP:TLP:WHITE
Repository:Neo23x0
Rule name:Mirai_Botnet_Malware_RID2EF6
Create hunting rule
Author:Florian Roth
Description:Detects Mirai Botnet Malware
Reference:Internal Research
TLP:TLP:WHITE
Rule name:classified
TLP :TLP:AMBER
Rule name:SUSP_XORed_Mozilla_Oct19
Create hunting rule
Author:Florian Roth
Description:Detects suspicious single byte XORed keyword 'Mozilla/5.0' - it uses yara's XOR modifier and therefore cannot print the XOR key. You can use the CyberChef recipe linked in the reference field to brute force the used key.
Reference:https://gchq.github.io/CyberChef/#recipe=XOR_Brute_Force()
TLP:TLP:WHITE
Repository:Neo23x0
Rule name:SUSP_XORed_Mozilla_RID2DB4
Create hunting rule
Author:Florian Roth
Description:Detects suspicious XORed keyword - Mozilla/5.0
Reference:Internal Research
TLP:TLP:WHITE
Rule name:TH_Generic_MassHunt_Linux_Malware_2026_CYFARE
Create hunting rule
Author:CYFARE
Description:Generic Linux malware mass-hunt rule - 2026
Reference:https://cyfare.net/
TLP:TLP:WHITE
Repository:YARAify
Rule name:unixredflags3
Create hunting rule
Author:Tim Brown @timb_machine
Description:Hunts for UNIX red flags
TLP:TLP:WHITE
Repository:MalwareBazaar

Unpacker

The following YARA rules matched on the unpacked file.

Unpacked Files

The following files could be unpacked from this sample.