IOC Radar
MD5 · Medium · Signal 100/100

5e1f61b9c1c27cad3b7a81c804ac7b86

Location: Peru
First Seen: Sep 20, 2025 (269d ago)
Last Seen: Jun 3, 2026 (13d ago)
Reports: 12 source reports
Confidence: 99% (medium)
Found in 12 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category: Artifacts Dropped
Hash Algorithm: MD5
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

58 techniques

Feed Intelligence Summary

Source reports: 12
Confidence score: 99%
Category tags
abcd ransomware, abuse, academic institutions, active scan, active scanning, affiliate program, affiliate-program, alienvault_ransomware, anti-analysis, api abuse, apt, auto, bad reputation, banking, botnet, botnet activity, brute force, cephalus ransomware, checks-usb-bus, command and control, communication protocol, consumer goods, conti, credential access, credential stuffing, credit card services, critical infrastructure, cross-platform, cve, cyber-attack, data encryption, data exfiltration, data extortion, data leak, data store exposure, defense, defense evasion, detect-debug-environment, distributed attacks, dll reflection, double extortion, double-extortion, educational resources, educational services, educational technology, electronic health records, encrypt, encryption, esxi, esxi variant, europe/asia, evasion, evasion-techniques, exe, executable file, exploitation activity, extortion, f https, file-hash, finance, financial services, financial technology, ftp brute force, gunra ransomware, health care and social assistance, health information technology, healthcare information systems, higher education, hospital management, http scanner, https, identity & access exploitation, indicator, injection activity, ioc, k-12 education, keenadu, korean, leaked data, linux, linux variants, lockbit, lockbit 5.0, lockbit esxi, lockbit green, lockbit linux, lockbit ransomware attack, lockbit windows, lockbit5, lockbit5 ransomware activity, lumma staeler, malicious activity, malicious software, malware, medical services, micro, network intrusion, network scanning, north america, operating system, other services (except public administration), overlay, patient care, payment processing, peexe, peru, possible reconnaissance, process injection, raas, ransom demand, ransomware, reconnaissance, rednovember, remote access, remote services, remus, researched, retail trade, russia, self-delete, south america, ssh attack, supply chain attack, supply chain attacks, system disruption, t1003, t1021, t1021.001, t1027, t1041, t1053.005, t1055, t1055.012, t1059, t1059.001, t1059.003, t1059.004, t1069.001, t1070, t1070.001, t1070.006, t1071, t1071.001, t1076, t1078, t1078.002, t1082, t1083, t1087, t1106, t1110, t1110.002, t1112, t1133, t1140, t1190, t1195, t1199, t1213, t1222, t1485, t1486, t1489, t1490, t1496, t1497.001, t1497.002, t1499.002, t1499.003, t1562, t1562.001, t1563, t1565, t1566, t1567, t1583, t1588, t1589, t1595, t1595.001, t1595.002, t1595.003, t1598, threat actor, tor node, transparent tribe, trend micro, trend research, trend vision, unauthorized access attempt, united states, uxxxxxx, virtualization targeting, vmware esxi, vulnerability scan, wealth management, web application attack, web traffic, win32 malware, windows malware, xworm campaign

Activity Timeline

1 total obs (Jun 3)

Threat Activity Heatmap

Peak: 2026-06-03
[Calendar heatmap of activity by weekday, June to June; legend: Less to More]
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 12
First seen: Sep 20, 2025
Last seen: Jun 3, 2026

VirusTotal

Not checked


IOC Journey

medium
First detected 8 months ago · Last seen 13 days ago
Appeared in 12 threat reports