IOC Radar
MD5MediumSignal 22/100

6f01787f5f644916b2dda5b4295efa4f

Location
United StatesUnited States
First Seen
May 13, 2024
Last Seen
Jun 3, 2026
May 13
First Seen
763d ago
Jun 3
Last Seen
12d ago
3
Reports
source reports
22%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
22%
Signal Score
22 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

251 techniques

Feed Intelligence Summary

3 reports22% confidence
3
Source reports
22%
Confidence score
Category tags
#stopransomware: black bastaaa24-131aanydeskattackaustraliabastabatloaderbghbitsblack bastablackbastabotnetbrute ratelc++c2c2 endpointcanadachacha20cisacisa advisorycobalt strikecode executioncommand and controlcommand executioncommunications networksconticoroxycredential accesscredential harvestingcredential theftcritical infrastructurecyberdata encryptiondata exfiltrationdata theftdefense systemsdistributed attacksdouble extortionelectronic health recordsemergency servicesemotetencryptionenergy systemsevilproxyextortionfile-hashfinance and insurancefinancial systemsfrancegermanyghostgovernment facilitieshealth care and social assistancehealth information technologyhealthcare information systemshospital managementhvs iocsicmp trafficimpactincident responseindicatorinfrastructure acquisitionreconnaissanceingress tool transferinstalliociocsiocsyouitalyjapankrolllateral movementlegallinuxlocalmalicious activitymalicious downloadmalicious linksmalicious powershell activitymalicious softwaremalwaremalware distributionmedical servicesmegamicrosoft teamsmisp eventmisp feedmitre attnetcatnetsupport managernew zealandnopacnorth americaoperating systempatient carephishingphishing attackpinkslipbotprocess injectionpsexecqakbotqbotquick assistraasransomransomwarercloneresearchedretail tradersa-4096scripting attackssocial engineeringsoftware exploitationstopransomwarestorm-1811strongsystem disruptiont1001t1003t1003.001t1003.003t1003.004t1003.007t1007t1012t1016t1016.001t1016.002t1018t1020t1021t1021.001t1021.002t1021.003t1021.004t1021.005t1021.006t1021.007t1025t1027t1027.002t1027.003t1033t1036t1036.001t1036.002t1036.003t1036.004t1036.005t1036.006t1036.007t1041t1046t1047t1049t1053t1053.001t1053.002t1053.003t1053.004t1053.005t1053.007t1055t1055.001t1055.002t1055.003t1055.004t1055.008t1055.011t1055.012t1055.013t1056t1056.001t1056.003t1056.004t1057t1059t1059.001t1059.002t1059.003t1059.004t1059.005t1068t1069.001t1070t1070.001t1070.002t1070.003t1070.004t1070.005t1070.006t1070.007t1071t1071.001t1071.002t1071.003t1071.004t1071.005t1078t1078.001t1078.002t1078.003t1078.004t1082t1083t1086t1090t1095t1098t1098.001t1098.002t1098.003t1102t1102.001t1102.002t1102.003t1105t1106t1110t1110.001t1110.002t1110.003t1112t1113t1133t1134t1134.001t1134.002t1134.003t1134.004t1134.005t1136t1136.001t1136.002t1136.003t1140t1185t1187t1189t1190t1195t1197t1203t1204t1204.001t1204.002t1210t1213t1213.001t1213.002t1213.003t1218t1222t1486t1490t1496t1497t1498t1499.002t1499.003t1531t1543t1543.001t1543.002t1543.003t1543.004t1543.005t1546t1546.001t1546.002t1546.003t1546.004t1546.005t1546.006t1546.007t1546.008t1546.009t1546.010t1546.011t1546.012t1546.013t1546.014t1546.015t1547t1547.001t1547.009t1550t1550.001t1550.002t1550.003t1550.004t1555t1555.003t1555.004t1560t1562t1562.001t1562.002t1562.003t1562.004t1564t1564.001t1564.002t1564.003t1564.004t1564.005t1564.006t1564.007t1565t1566t1566.001t1566.002t1566.003t1568t1569t1569.002t1570t1571t1572t1573t1573.001t1574t1574.001t1574.002t1574.004t1574.005t1574.006t1574.008t1574.009t1574.010t1574.011t1583t1587t1587.001t1588t1588.001t1588.002t1588.003t1588.004t1588.005t1588.006t1588.007t1590t1590.001t1590.002t1590.003t1590.004t1590.005t1590.006t1591t1591.001t1591.002t1591.003t1592t1592.001t1592.002t1592.003t1592.004t1595t1595.001t1595.002t1595.003t1598t1598.001t1598.002t1598.003t1598.004t1608threat actorthreat intelligencetoolstransportation networkstrend microtrickbotunited statesvmware esxiwandering spiderwater systemsweb securitywebdavwinscpwizard spiderwmi

Activity Timeline

1 total obs
Jun 3Jun 3

Threat Activity Heatmap

· Peak: 2026-06-03
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
22
SIGNAL
Signal Score
22%
Confidence
3
Reports
First seenMay 13, 2024
Last seenJun 3, 2026

VirusTotal

Not checked

WHOIS

description
MD5 of 3c50f6369f0938f42d47db29a1f398e754acb2a8d96fd4b366246ac2ccbe250a

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 years ago · Last seen 12 days ago
Appeared in 3 threat reports