Trusted Design

Investigation of Linux.Mirai Trojan family

概要

A Trojan for Linux that was named Linux.Mirai has several predecessors. The first malware program belonging to this family was spotted in May 2016 and was dubbed Linux.DDoS.87. At the beginning of August, a new version of this Trojan—Linux.DDoS.89—was discovered. Finally, Doctor Web’s security researchers investigated the Linux.Mirai Trojan found later that month.

Created: 2026-02-23

Indicators

• FileHash-SHA1 - 6933d555a008a07b859a55cddb704441915adf68 -
• FileHash-SHA1 - 432ef83c7692e304c621924bc961d95c4aea0c00 -
• FileHash-MD5 - 0e5bda9d39b03ce79ab8d421b90c0067 -
• FileHash-MD5 - 655c3cf460489a7d032c37cd5b84a3a8 -
• FileHash-MD5 - 7e17c34cddcaeb6755c457b99a8dfe32 -
• FileHash-SHA1 - 8a25dee4ea7d61692b2b95bd047269543aaf0c81 -
• FileHash-SHA1 - c129e2a23abe826f808725a0724f12470502a3cc -
• FileHash-SHA1 - 03ecd3b49aa19589599c64e4e7a51206a592b4ef -
• FileHash-SHA1 - 18bce2f0107b5fab1b0b7c453e2a6b6505200cbd -
• FileHash-MD5 - bf650d39eb603d92973052ca80a4fdda -
• FileHash-MD5 - eba670256b816e2d11f107f629d08494 -
• YARA - 2a710a8e38f40b8f37d59b86de1ea1d61d9016f3 -
• FileHash-SHA1 - 846b2d1b091704bb5a90a1752cafe5545588caa6 -
• FileHash-SHA1 - 7e0e07d19b9c57149e72a7ed266e0c8aa5019a6f -
• FileHash-SHA1 - bdc86295fad70480f0c6edcc37981e3cf11d838c -
• FileHash-MD5 - 0eb51d584712485300ad8e8126773941 -
• YARA - e1ce32438aaca10ceff8d801e6aef1ebf6528940 -
• FileHash-MD5 - 85784b54dee0b7c16c57e3a3a01db7e6 -
• YARA - d91ef230834a66f021dccc1fac4988be52b6d93d -
• FileHash-SHA1 - 3d770480b6410cba39e19b3a2ff3bec774cabe47 -
• FileHash-SHA1 - 9ff383309ad63da2caa9580d7d85abeece9b13a0 -
• YARA - e12cebd4b1f980b143011148ea7f72ad3616a6b0 -
• FileHash-SHA1 - 8fd0d16edf270c453c5b6b2481d0a044a410c7cd -
• FileHash-SHA1 - 96f42a9fad2923281d21eca7ecdd3161d2b61655 -
• YARA - 6cb759a447935ba07c688545808083bfd9cbb525 -
• YARA - a369721691f0d1646c678f8b253b3bd7aea201f5 -
• YARA - afc93e099ec36645bb61ab110a2ab8ad75e5450e -
• YARA - 0e6105298e24746e4046927f81bfd92a515c63bc -
• FileHash-SHA1 - 4dd3803956bc31c8c7c504734bddec47a1b57d58 -
• FileHash-MD5 - 05891dbabc42a36f33c30535f0931555 -
• FileHash-SHA1 - 6f6c625ef730beefbc23c7f362af329426607dee -
• FileHash-MD5 - 863dcf82883c885b0686dce747dcf502 -
• YARA - 5b816114ac73ceea68c32b04a484f735f7c3bb2a -
• YARA - 13289daeee02659ec49c3afaf72bf7e6d57b321b -
• FileHash-SHA1 - b63271672d6a044704836d542d92b98e2316ad24 -
• FileHash-MD5 - f832ef7a4fcd252463adddfa14db43fb -
• FileHash-MD5 - bb22b1c921ad8fa358d985ff1e51a5b8 -
• FileHash-SHA1 - 4455d237aadaf28aafce57097144beac92e55110 -
• YARA - 0b8d4b25f8b397441db12bfd1acfdafb61ddc8e9 -
• YARA - 61a3b2fa95db32ea786c2507d8f53d4a8094bf69 -
• YARA - 9595ef5b8730479e3c5bdfb99f5946877cea6ea6 -
• FileHash-MD5 - dbd92b08cbff8455ff76c453ff704dc6 -

類似Pulses

• Mirai Botnet Infrastructure (score: 0.75)
• A new IoT Botnet is Spreading over HTTP 81 on a Large Scale (score: 0.66)
• Linux/Persirai (score: 0.64)
• Mirai - An internet of things botnet (score: 0.63)
• New Trojan for Linux infects routers (score: 0.61)

このPulseに関連する脅威アクター (事実ベース)

このPulseに関連する脅威アクター (推論ベース)

Related CVEs

このPulseに見つかったCVEはありません。

Pulse – 脅威アクター グラフ

---

← Pulse一覧に戻る