MD5MediumSignal 63/100
916c8ee9d8214448ff64a173cf97faa4
First Seen
Apr 17, 2026
Last Seen
Apr 24, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports63% confidence
3
Source reports
63%
Confidence score
Category tags
api keysappdatabasic scriptbypassc2 answerconfigdecryptexecutable fileexploitation activityfile-hashfilesindicatoriocslnklnk filelnk malwarelong-sleepsmalwarepowershellpureresearchedt1008t1027.004t1041t1059.001t1059.005t1071.001t1105t1140t1547t1548.002web application attackwindows
Activity Timeline
Apr 24Apr 24
Threat Activity Heatmap
· Peak: 2026-04-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This indicator of compromise (IOC), an MD5 hash with a significant threat score of over 63, points to a high likelihood of involvement in sophisticated malicious activities. Its discovery necessitates immediate attention, as it is strongly associated with stealer samples and advanced attack techniques, as detailed in the related threat intelligence. The extensive web of 54 related indicators, including various MITRE ATT&CK techniques, files, hostnames, and IP addresses, suggests that this IOC is…
Threat ScoreMedium Risk
63
SIGNAL
Signal Score
63%
Confidence
3
Reports
First seenApr 17, 2026
Last seenApr 24, 2026
VirusTotal
Not checked
WHOIS
- description
- MS Windows shortcut, Item id list present, Has Description string, Has command line arguments, Icon number=0, Archive, ctime=Thu Dec 31 23:59:59 1969, mtime=Thu Dec 31 23:59:59 1969, atime=Thu Dec 31 23:59:59 1969, length=0, window=hide
- references
- https://blog.synapticsystems.de/3000-stealer-samples-one-misconfigured-apache-server/
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports