IOC Radar
MD5 · Medium · Signal 96/100

676259a72f3f770f8ad20b287d62071b

Location
Peru
First Seen
Aug 10, 2024 (674d ago)
Last Seen
Apr 2, 2026 (74d ago)
Found in 7 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
96%
Signal Score
96 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

46 techniques

Feed Intelligence Summary

7 reports · 96% confidence
Category tags
abuse · active scan · agricultural supply chain · agricultural technology · agriculture, forestry, fishing and hunting · attack · automotive manufacturing · bad reputation · banking · bec attack · bec phishing · botnet · botnet activity · brute force · c2 · civil services · command & control · command and control · compromised websites · corrupt · credential harvesting · credential phishing · credential stuffing · credential theft · credit card services · crop production · crypto cyber · cryptocurrency · cta · cyber · data encryption · data exfiltration · data store exposure · defence · distributed attacks · edr bypass · electronic health records · electronics manufacturing · encryption · europe · exploitation activity · extortion · farming · file-hash · finance · finance and insurance · financial services · financial technology · fleet management · food production · freight services · government technology · has expired · health care and social assistance · health information technology · healthcare information systems · hospital management · identity & access exploitation · indicator · industrial automation · industrial iot · industrial production · injection activity · iot security · italy · latest · link manipulation · link phishing · livestock management · malicious activity · malicious attachment · malicious software · malware · malware delivery · malware distribution · manufacturing technology · maritime transport · medical services · operating system · overlay · passenger transportation · patient care · payment processing · peexe · peru · phishing · phishing attack · phishing attempt · phishing campaign · precision agriculture · proceed · process injection · process manufacturing · public administration · public infrastructure · public policy · quality control · rail transport · ransomhub · ransomware · regulatory agencies · remote services · researched · social engineering · south america · spam · spam campaign · spear phishing attack · supply chain attack · supply chain management · sustainable agriculture · system disruption · t1003 · t1003.001 · t1016 · t1018 · t1020 · t1021 · t1021.001 · t1021.002 · t1041 · t1046 · t1053 · t1055 · t1059 · t1068 · t1069.001 · t1070.001 · t1071 · t1071.001 · t1078 · t1078.002 · t1083 · t1110 · t1189 · t1192 · t1204.002 · t1210 · t1222.001 · t1486 · t1490 · t1496 · t1499.002 · t1499.003 · t1548.002 · t1562 · t1562.001 · t1565 · t1566 · t1566.001 · t1566.002 · t1566.003 · t1566.004 · t1567.002 · t1569.002 · t1598 · t1598.003 · t1598.004 · threat · threat actor · time · tor node · transportation and warehousing · transportation infrastructure · transportation technology · water bakunawa · wealth management · whaling attack · win32 malware · windows malware

Activity Timeline

1 total obs
Apr 2

Threat Activity Heatmap

Peak: 2026-04-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Threat Score
High Risk (96)

VirusTotal

Not checked

WHOIS

description
PE32+ executable (console) x86-64 (stripped to external PDB), for MS Windows
references
https://www.trendmicro.com/en_us/research/24/i/how-ransomhub-ransomware-uses-edrkillshifter-to-disable-edr-and-.html

IOC Journey

medium
First detected 1 year ago · Last seen 2 months ago
Appeared in 7 threat reports