IOC Radar
SHA1 · High · Verified · Signal 100/100

1488fd3f2f241143977d823ac5684205652b0d5b

Location
Germany
First Seen
Jun 24, 2025 (372d ago)
Last Seen
Nov 28, 2025 (215d ago)
Reports
6 source reports
Confidence
99% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

25 techniques

Feed Intelligence Summary

Source reports
6
Confidence score
99%
Category tags
access trojan, api-base64, backdoor, botnet, command, command and control, control, credential access, data exfiltration, data theft, distributed attacks, europe, file-hash, germany, hta, html, indicator, ingress tool transfer, lateral movement, loader, long-sleeps, malicious software, malware, netreactor, payload, process injection, remote access, researched, reverseloader, stealer, susp-powershell, t1003, t1005, t1020, t1027, t1041, t1043, t1053, t1055, t1059, t1071, t1071.001, t1074, t1082, t1105, t1107, t1113, t1133, t1205, t1211, t1486, t1496, t1499.002, t1499.003, t1565, t1566, trojan malware

Activity Timeline

1 total observation (Nov 28)

Threat Activity Heatmap

Peak: 2025-11-28
Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 6
First seen: Jun 24, 2025
Last seen: Nov 28, 2025
Verified IOC

VirusTotal

Not checked

description
HTML document, ASCII text, with very long lines (3533u), with no line terminators
references
https://www.virustotal.com/graph/embed/ga6a121deaab14cbba570c6a42d2068b64fc37efc689649718d1a373a40868225?theme=light, https://darfe.es/ciberwiki/index.php?title=Remcos_(RAT)

IOC Journey

high
First detected 1 year ago · Last seen 7 months ago
Appeared in 6 threat reports