IOC Radar
MD5 · High · Verified · Signal 44/100

0615cf458843af87c628a07865d727ef

Location
Norway
First Seen
Sep 18, 2025 (272d ago)
Last Seen
Jun 3, 2026 (14d ago)
Reports
6 source reports
Confidence
44% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

48 techniques

Feed Intelligence Summary

Category tags
academic institutions, active scanning, ai applications, ai generated malware, ai research, ai solutions, ai-generated code, application impersonation, artificial intelligence, asia, automotive manufacturing, brazil, british indian ocean territory, brute force, building construction, canada, civil services, code injection, code obfuscation, code signing abuse, command and control, computer vision, construction materials, construction safety, construction technology, consumer goods, credential access, credential harvesting, credential stuffing, credential theft, cyber threats, data exfiltration, deep learning, educational resources, educational services, educational technology, electronic health records, electronics manufacturing, europe, evilai, evilai group, fake app distribution, fake applications, fake apps, file-hash, fileless malware, finance, financial services, france, ftp brute force, germany, government technology, guid, gunra ransomware, health care and social assistance, health information technology, healthcare information systems, higher education, hospital management, idle, india, indicator, industrial automation, industrial iot, industrial production, information technology, ingress tool transfer, initial access, it infrastructure, italy, javascript malware, k-12 education, lockbit, long-sleeps, lumma staeler, machine learning, malicious software, malware, manufacturing technology, medical services, natural language processing, network intrusion, network scanning, north america, norway, patient care, persistence mechanism, phishing attack, process injection, process manufacturing, public administration, public infrastructure, public policy, quality control, reconnaissance, rednovember, regulatory agencies, remote access, remote services, researched, retail trade, social engineering, software development, source, south america, spain, ssh attack, supply chain attack, supply chain management, t1007, t1021, t1021.001, t1027, t1027.002, t1036, t1041, t1055, t1056.001, t1057, t1059, t1059.007, t1070, t1071, t1071.001, t1076, t1078, t1105, t1110, t1110.002, t1112, t1133, t1140, t1189, t1190, t1195, t1204, t1204.001, t1204.002, t1486, t1497, t1499.001, t1547.001, t1552.001, t1563, t1565, t1566, t1566.001, t1566.002, t1566.003, t1573, t1573.001, t1588.004, t1595, t1595.001, t1595.002, t1595.003, t1608, trend micro, trojan malware, unauthorized access attempt, united kingdom, united states, web exploitation, xworm campaign

Activity Timeline

1 total obs

Threat Activity Heatmap

Peak: 2026-06-03
24h · 0 · Dormant
7d · 0 · Dormant
30d · 1 · Minimal
3mo · 1 · Minimal
Threat Score
Medium Risk
Verified IOC

VirusTotal

Not checked

description
ASCII text, with very long lines (65536u), with no line terminators
references
https://www.trendmicro.com/en_us/research/25/i/evilai.html
