IOC Radar
MD5 · Medium · Signal 44/100

4cc88ce123b0da8d75c0fe66a39339f6

First Seen
Jun 6, 2025
Last Seen
Feb 19, 2026
Reports
3 source reports
Confidence
44% (medium)
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
44%
Signal Score
44 / 100
IDS Rule
No
Threat Context
MITRE ATT&CK TTPs

75 techniques

Feed Intelligence Summary

3 source reports · 44% confidence score
Category tags

Activity Timeline

1 total obs (Feb 19)

Threat Activity Heatmap

[Heatmap: activity by weekday, Jun through Jun. Peak: 2026-02-19]
24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), an MD5 hash, signifies a critical threat to organizational security and demands immediate attention. With a score of 43.5 and explicitly not whitelisted, its presence strongly suggests active compromise or an imminent attack by sophisticated adversaries. The identified hash is directly associated with state-sponsored cyber espionage activities, notably those attributed to Iran-aligned groups such as BladedFeline, APT-C-34, and CHRYSENE. These threat actors are…


VirusTotal

Not checked

description
Dive into ESET's comprehensive analysis of BladedFeline, an Iran-aligned APT group with likely ties to OilRig. This report uncovers the group's sophisticated cyberespionage operations targeting Kurdish and Iraqi government officials. Learn about their advanced tools, including the Whisper backdoor and PrimeCache IIS module, and their persistent efforts to maintain access to high-ranking officials.
references
https://www.welivesecurity.com/en/eset-research/bladedfeline-whispering-dark/#iocs, IOCs2.pdf, https://www.welivesecurity.com/en/eset-research/bladedfeline-whispering-dark/

IOC Journey

medium
First detected 1 year ago · Last seen 3 months ago
Appeared in 3 threat reports