IOC Radar
SHA256 · Medium · Signal 100/100

b0fab2d1e59a877eb79cd30cbe618ac27993e7c2243c333d5aeba00eeebb6122

First Seen: Mar 27, 2025
Last Seen: Jan 23, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

137 techniques

Feed Intelligence Summary

Source reports: 9
Confidence score: 99%
Category tags
abuse, active scanning, botnet, botnet iocs, botnet mirai, brute force, brute force attempts, command, command and control, connected devices, control, credential access, credential stuffing, cta, data exfiltration, ddos, ddos attacks, default credentials, device management, distributed attacks, elf, executable file, exploit, exploitation, file-hash, gorillabot, gs-25-1386, indicator, indicators of compromise, industrial iot, internet of things, iocs, iot, iot analytics, iot applications, iot botnet, iot devices, iot malware, iot platforms, iot security, iot/ics attack, lateral movement, linux, malicious software, malware, mirai botnet, network scanning, network security, opendir, process injection, protocol exploitation, reconnaissance, researched, scanning activity, service, service disruption, smart devices, ssh attack, t1010, t1016, t1021.001, t1021.002, t1021.003, t1036, t1036.005, t1040, t1053, t1055, t1057, t1059, t1059.004, t1068, t1070, t1070.001, t1070.002, t1070.003, t1070.004, t1071, t1071.001, t1071.002, t1078, t1078.001, t1078.002, t1078.003, t1078.004, t1105, t1110.002, t1113, t1124, t1133, t1189, t1190, t1486, t1489, t1496, t1497, t1498, t1499.002, t1499.003, t1562, t1562.001, t1562.002, t1562.003, t1564, t1564.001, t1564.002, t1564.003, t1564.004, t1565, t1565.001, t1565.002, t1566, t1566.001, t1566.002, t1567, t1567.001, t1567.002, t1573, t1573.001, t1573.002, t1574, t1574.001, t1574.002, t1574.009, t1583, t1583.001, t1583.002, t1583.003, t1583.004, t1583.005, t1583.006, t1583.007, t1584, t1584.001, t1584.002, t1584.003, t1585, t1585.001, t1585.002, t1586, t1586.001, t1586.002, t1587, t1587.001, t1587.002, t1588, t1588.001, t1588.002, t1588.003, t1589, t1591, t1591.001, t1591.002, t1592, t1592.001, t1592.002, t1592.003, t1592.004, t1593, t1593.001, t1593.002, t1594, t1595, t1595.001, t1595.002, t1595.003, t1596, t1596.001, t1596.002, t1597, t1597.001, t1597.002, t1598, t1598.001, t1598.002, t1598.003, t1599, t1600, t1601, t1602, t1608, t1608.001, t1608.002, t1608.003, t1608.004, t1609, t1610, t1611, t1612, t1613, t1614, t1615, t1619, t1620, t1621, telnet threat, upx

Activity Timeline

1 total obs

Threat Activity Heatmap

Peak: 2026-01-23
Observations by window: 24h: 0 (Dormant); 7d: 0 (Dormant); 30d: 0 (Dormant); 3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), a SHA-256 hash, signals a critical and imminent threat to organizational security, evidenced by its perfect score of 100.0 and clear malicious associations. Its presence is a strong indicator of compromise by the Mirai botnet, a highly disruptive malware specifically designed to enlist devices into massive Distributed Denial of Service (DDoS) campaigns. If left unaddressed, this could lead to extensive network outages, severe financial implications, and signif…

Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 9
First seen: Mar 27, 2025
Last seen: Jan 23, 2026

VirusTotal

Not checked

WHOIS

description: ELF 32-bit MSB executable, MIPS, MIPS-I version 1 (SYSV), statically linked, no section header
references: https://bazaar.abuse.ch/export/csv/recent/, https://1275.ru/ioc/gs-25-1387-mirai-botnet-iocs_10192, https://darfe.es/ciberwiki/index.php?title=Mirai

IOC Journey

medium
First detected 1 year ago · Last seen 4 months ago
Appeared in 9 threat reports