IOC Radar
SHA1 · High · Verified · Signal 74/100

4fc85d62d4ecbb29de2dd2a0547bd0f0e38696df

Location: Taiwan, Province of China
First Seen: Apr 16, 2026 (57d ago)
Last Seen: Apr 21, 2026 (52d ago)
Reports: 6 source reports
Confidence: 74% (high)
Found in 6 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA1
Confidence: 74%
Signal Score: 74 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

17 techniques

Feed Intelligence Summary

6 source reports · 74% confidence score
Category tags: abuse, ai workflow, alienvault_ransomware, asia, bad reputation, captcha, cisco talos, datto rmm, defense, education, executes-dropped-file, exploitation activity, figure, file-hash, gmail, google sheets, indicator, lucidrook, malware, monitoring, n8n, ngo, nsis, overlay, peexe, peru, phishing, phishing campaign, powershell, python, ransomware, researched, revoked-cert, signed, slack, south america, t1027, t1027.002, t1053, t1053.005, t1059, t1059.001, t1102, t1102.002, t1105, t1204, t1204.002, t1219, t1566, t1566.001, t1566.002, t1598, t1598.003, taiwan, talos, threat actor, threat spotlight, top story, tor node, urls, webhook abuse, windows

Activity Timeline

1 total obs: Apr 21

Threat Activity Heatmap

Peak: 2026-04-21
Activity by window: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC) represents a significant and urgent threat to organizational security, evidenced by its high risk score of 74.07 and its explicit association with multiple threat intelligence feeds, including AlienVault Ransomware-Firehol. This SHA1 hash is directly linked to initial access techniques, such as sophisticated phishing campaigns, and subsequent attack stages involving execution, persistence, and defense evasion. The potential impact of this IOC, if present in the…

Threat Score: 74 (High Risk)
Signal Score: 74 · Confidence: 74% · Reports: 6
First seen: Apr 16, 2026
Last seen: Apr 21, 2026
Verified IOC

VirusTotal: Not checked

WHOIS

description: PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, Nullsoft Installer self-extracting archive
references: https://blog.talosintelligence.com/the-n8n-n8mare/, IOCs.April.pdf


IOC Journey

high
First detected 1 month ago · Last seen 1 month ago
Appeared in 6 threat reports