IOC Radar
MD5MediumSignal 77/100

992b008c83aa00e32c7d997026023a94

First Seen
Apr 17, 2026
Last Seen
Apr 24, 2026
Apr 17
First Seen
63d ago
Apr 24
Last Seen
57d ago
3
Reports
source reports
77%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
MD5 Hash
MD5 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
MD5
Confidence
77%
Signal Score
77 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

10 techniques

Feed Intelligence Summary

3 reports77% confidence
3
Source reports
77%
Confidence score
Category tags
api keysappdatabasic scriptbypassc2 answerconfigdecryptexecutable fileexploitation activityfile-hashfilesindicatoriocslnklnk filelnk malwarelong-sleepsmalwarepowershellpureresearchedt1008t1027.004t1041t1059.001t1059.005t1071.001t1105t1140t1547t1548.002web application attackwindows

Activity Timeline

1 total obs
Apr 24Apr 24

Threat Activity Heatmap

· Peak: 2026-04-24
Less
More
Mon
Wed
Fri
Jun
·
·
Jul
·
·
·
Aug
·
·
·
Sep
·
·
·
·
Oct
·
·
·
Nov
·
·
·
Dec
·
·
·
·
Jan
·
·
·
Feb
·
·
·
Mar
·
·
·
·
Apr
·
·
·
May
·
·
·
Jun
·
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an MD5 hash with a high threat score of 77.23, signifies a critical threat to organizational security. Its presence strongly indicates potential compromise by sophisticated malware, likely associated with stealer campaigns. The associated activities, including the use of Cobalt Strike and techniques for data exfiltration, suggest an adversary aiming for significant unauthorized access and sensitive data theft. If left unaddressed, this IOC could lead to severe…

Threat ScoreHigh Risk
77
SIGNAL
Signal Score
77%
Confidence
3
Reports
First seenApr 17, 2026
Last seenApr 24, 2026

VirusTotal

Not checked

WHOIS

description
MS Windows shortcut, Item id list present, Has Description string, Has command line arguments, Icon number=0, Archive, ctime=Thu Dec 31 23:59:59 1969, mtime=Thu Dec 31 23:59:59 1969, atime=Thu Dec 31 23:59:59 1969, length=0, window=hide
references
https://blog.synapticsystems.de/3000-stealer-samples-one-misconfigured-apache-server/

Export & API

STIX 2.1 Bundle
CSV Export
Permalink

IOC Journey

medium
First detected 2 months ago · Last seen 1 month ago
Appeared in 3 threat reports