IOC Radar
MD5 · Medium · Signal 29/100

8c5b72906e8183037532afc3f4639931

First Seen: May 28, 2026 (18d ago)
Last Seen: Jun 2, 2026 (13d ago)
Reports: 2 source reports
Confidence: 29% (medium)
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash: MD5 file hash associated with malicious samples.
MISP Category: Artifacts Dropped
Hash Algorithm: MD5
Confidence: 29%
Signal Score: 29 / 100
IDS Rule: No
Threat Context

MITRE ATT&CK TTPs

3 techniques

Feed Intelligence Summary

2 source reports · 29% confidence score
Category tags
arctic wolf, chrome, ekz infostealer, endpoint exploitation, exploitation activity, file-hash, firefox, forticlient ems, http, http post, indicator, ipv62a03, ipv62a12, powershell, remote access, researched, t1003, t1059, t1140, vpn configuration abuse, wolf

Activity Timeline

1 total obs (Jun 2)

Threat Activity Heatmap

Peak: 2026-06-02
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: Low Risk
Signal Score: 29
Confidence: 29%
Reports: 2
First seen: May 28, 2026
Last seen: Jun 2, 2026

VirusTotal: Not checked

Description: What do you need to know about security operations and how to get them in the best possible position to protect your business from cyber attacks and breaches? And what can you learn about this new platform?
References:
https://arcticwolf.com/resources/blog/forticlient-ems-exploited-via-cve-2026-35616-to-deliver-ekz-infostealer-disguised-as-a-fortinet-patch
https://arcticwolf.com/resources/blog/forticlient-ems-exploited-via-cve-2026-35616-to-deliver-ekz-infostealer-disguised-as-a-fortinet-patch/

IOC Journey

medium
First detected 18 days ago · Last seen 13 days ago
Appeared in 2 threat reports