MB-3c56921620092160263dc354aa64c1669473f54ff1c1cf952547a83af06f1558 high

Description

File type: elf. Size: 125632 bytes. Tags: elf, Mirai. Reporter: abuse_ch. First seen: 2026-06-13 15:09:49.

• [2508.01909v1] Analyzing The Mirai IoT Botnet and Its Recent Variants ...
  web:arxiv.org

  Mirai is undoubtedly one of the most significant Internet of Things (IoT) botnet attacks in history. In terms of its detrimental effects, seamless spread, and low detection rate, it surpassed its predecessors. Its developers released the source code, which triggered the development of several variants that combined the old code with newer vulnerabilities found on popular IoT devices. The ...

  2026-06-14 09:03 UTC
• A_Survey_on_The_Mirai_IoT_Botnet_and_Its_Recent_Variants (2)
  web:arxiv.org

  Paras Jha and Josiah White created Mirai , co-founders of Protraf Solutions, which offered mitigation services for DDoS attacks [28]. Mirai has created the basis for many botnets that exist today.

  2026-06-14 09:03 UTC
• MalwareBazaar | armv5l
  web:bazaar.abuse.ch

  Malware samples associated with tag armv5l MalwareBazaar Database Samples on MalwareBazaar are usually associated with certain tags. Every sample can associated with one or more tags. Using tags, it is easy to navigate through the huge amount of malware samples in the MalwareBazaar corpus. The page below gives you an overview on malware samples that are tagged with armv5l. Database Entry

  2026-06-14 09:03 UTC
• jgamblin/Mirai-Source-Code - GitHub
  web:github.com

  This repository contains the leaked source code of the Mirai botnet, originally created to infect IoT devices and launch large-scale DDoS attacks. This code is provided strictly for cybersecurity research, reverse engineering, malware analysis, and detection development purposes only.

  2026-06-14 09:03 UTC
• GitHub - malol01/cross-compiler-for-mirai-archive · GitHub
  web:github.com

  Contribute to malol01/cross-compiler-for- mirai -archive development by creating an account on GitHub.

  2026-06-14 09:03 UTC
• IoT Under Siege: The Anatomy of the Latest Mirai Campaign Leveraging ...
  web:unit42.paloaltonetworks.com

  Mirai is a still-active botnet with new variants. We highlight observed exploitation of IoT vulnerabilities — due to low complexity and high impact.

  2026-06-14 09:03 UTC
• Mirai Botnet Forensic Analysis - Cyber - westoahu.hawaii.edu
  web:westoahu.hawaii.edu

  A botnet called Mirai infected hundreds of thousands of Internet of Things (IoT) devices, amassing a wide network of compromised devices. Mitigations against the Mirai botnet involve taking proactive security measures, properly hardening systems, and updating to the latest software to reduce the risk of compromise.

  2026-06-14 09:03 UTC
• Automated Malware Analysis Report for iran.armv5l - Joe Sandbox
  web:www.joesandbox.com

  ELF contains segments with high entropy indicating compressed/encrypted content

  2026-06-14 09:03 UTC
• Automated Malware Analysis Report for iran.armv5l.elf - Generated by ...
  web:www.joesandbox.com

  Found malware configuration Multi AV Scanner detection for submitted file Yara detected Gafgyt Yara detected Mirai iran.armv5l.elf started iran.armv5l.elf

  2026-06-14 09:03 UTC
• PDF Mirai Botnet - Quorum Cyber
  web:www.quorumcyber.com

  Mirai initially infected and weaponised devices such as smart cameras and Realtek routers2. The botnet variant was created in a racketeering attempt by the cofounders of Protraf Solutions, an organisation offering DDoS mitigation services.

  2026-06-14 09:03 UTC

Indicators of Compromise (3)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal. Click one to expand.

References (1)

• MalwareBazaar sample page Abuse.ch

  File type: elf. Size: 125632 bytes. Tags: elf, Mirai. Reporter: abuse_ch. First seen: 2026-06-13 15:09:49.

Only Available for Registered Users. Sign in to view.