IOC Radar
MD5MediumSignal 63/100

36c4eef5ed35796d2de44a1e34786c52

First Seen
Apr 17, 2026
Last Seen
Apr 24, 2026
Apr 17
First Seen
61d ago
Apr 24
Last Seen
54d ago
3
Reports
source reports
63%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Feed Intelligence Summary

3 reports63% confidence
3
Source reports
63%
Confidence score
Category tags
api keysappdatabasic scriptbypassc2 answerconfigdecryptexecutable fileexploitation activityfile-hashfilesindicatoriocslnklnk filelnk malwarelong-sleepsmalwarepowershellpureresearchedt1008t1027.004t1041t1059.001t1059.005t1071.001t1105t1140t1547t1548.002web application attackwindows

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an MD5 file hash with a high threat score of 63.41, represents a significant and immediate risk to organizational security. Its presence strongly suggests potential system compromise, allowing adversaries to establish persistent access, exfiltrate sensitive data, and maintain control over affected endpoints. Analysis indicates this IOC is associated with advanced tactics including the use of fallback channels for communication, compilation of malicious code af…

Threat ScoreMedium Risk
63
SIGNAL
Signal Score
63%
Confidence
3
Reports
First seenApr 17, 2026
Last seenApr 24, 2026

VirusTotal

Not checked

WHOIS

description
MS Windows shortcut, Item id list present, Has Description string, Has command line arguments, Icon number=0, Archive, ctime=Thu Dec 31 23:59:59 1969, mtime=Thu Dec 31 23:59:59 1969, atime=Thu Dec 31 23:59:59 1969, length=0, window=hide
references
https://blog.synapticsystems.de/3000-stealer-samples-one-misconfigured-apache-server/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 3 threat reports