IOC Radar
DomainHighVerifiedSignal 80/100

20260414233856.cab

Location
CanadaCanada
First Seen
Apr 16, 2026
Last Seen
Apr 17, 2026
Apr 16
First Seen
57d ago
Apr 17
Last Seen
57d ago
5
Reports
source reports
80%
Confidence
high
Found in 5 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
Domain Name
Malicious domain used for C2, phishing, or malware distribution.
MISP Category
Network Activity
Confidence
80%
Signal Score
80 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

40 techniques

Feed Intelligence Summary

5 reports80% confidence
5
Source reports
80%
Confidence score
Category tags
abuseagentalienvault_ransomwareanalyzer resuansiaptarchbad reputationbodybypasscanadacapability attck mbcclassclickclosecodecontactcopycryptocryptocurrencycustom viewdata connectiondcomdgadomaindwordeducationencrypted training dataerrorevent viewerexifexploitation activityfalseformatgenerateguardhexhybridindicatorinstallioclayerlayer tlslevellinkid787651localmalwaremalware classificationmintnetworknorth americaonlineopenpasspathpcefpowershellpushransomwareresearchedresultsrootsandboxservicesha-256silentsolanastaticstatic analyzerstreamstringssubmitt1006t1007t1012t1021t1027t1036t1047t1055t1056t1057t1068t1069t1071t1072t1074t1082t1083t1105t1106t1112t1114t1115t1124t1129t1133t1134t1135t1480t1497t1543t1547t1548t1555t1558t1564t1565t1569t1573t1574t1585targetthreat actorthrttor nodetraceixtraceix entertrojanuploadvarist hybridviruswnp transportwsse

Activity Timeline

1 total obs
Apr 17Apr 17

Threat Activity Heatmap

· Peak: 2026-04-17
Less
More
Mon
Wed
Fri
Jun
·
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
80
SIGNAL
Signal Score
80%
Confidence
5
Reports
First seenApr 16, 2026
Last seenApr 17, 2026
Verified IOC

VirusTotal

Not checked

WHOIS

description
4dfde25f15d828029e492ccdffea343500598c3d0aac896792d97b62ce2fc440 Event Viewer Custom View - Typical PC - 04.16.26.zip Another one bites the dust. I don't think a zipped log file from event viewer should be doing all of this??
references
https://traceix.com/search?sha256=4dfde25f15d828029e492ccdffea343500598c3d0aac896792d97b62ce2fc440&wait=1&tab=av, http://hybrid-analysis.com/sample/6f1886652984a97cd01fa8a0c2a5a029e90986d51b74c4b61cf81f23e1a457ae/69e146d2c0ff5214930f108b, https://app.threat.zone/submission/2630d729-3f2b-41cc-bfad-0fa3bc3cefa2/overview, https://www.filescan.io/uploads/69e1421e5ea31bc68a320574/reports/c43ffdc1-bc0f-40d7-8abc-8e515eff74c5/ioc

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 5 threat reports