SHA256 · Medium · Signal 100/100
aa0d3859d6633b62bccfb69017d33a8979a3be1f3f0a5a4bf6960d6c73d41121
First Seen: Oct 6, 2025
Last Seen: Jun 17, 2026
Found in 13 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 99%
Signal Score: 100 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 13
Confidence score: 99%
Category tags
abuse, academic institutions, accommodation and food services, accommodation services, active scan, agenda, agendacrypt, aisuru, alienvault_ransomware, application development, apt groups, asia, astaroth banking malware, attack type, automotive manufacturing, bad reputation, beacon, botnet, botnet activity, bpfdoor, brute force, business services, canada, china, cisa, civil services, cl0p, cl0p ransomware, clop, cloud infrastructure, cobalt strike, code execution, code injection, command & control, command and control, command execution, communication technologies, community management, compood, consumer goods, content sharing, corporate law, credential access, credential stuffing, critical patch, critical severity, cvss version, cvss:9.8, cyber threats, data encryption, data exfiltration, data store exposure, ddos, ddos attacks, development methodologies, devops, devtcp, digital media, digital platforms, distributed attacks, distribution management, ebs bi, educational resources, educational services, educational technology, electronic health records, electronics manufacturing, encryption, energy, energy distribution, entertainment technology, etherrat, europe, europe/asia, exploit, exploitation activity, extortion, file-hash, finance, financial services, fleet management, food services, freight forwarding, freight services, gafgyt, gitlab, government technology, guest services, hash, health care and social assistance, health information technology, healthcare information systems, higher education, hospital management, hospitality technology, hotels, identity & access exploitation, indicator, industrial automation, industrial iot, industrial production, information technology, infostealer, injection activity, intellectual property law, interlock, internet of things, inventory management, iot botnet, iot security, iot/ics attack, iran, islamic republic of, it infrastructure, japan, k-12 education, kodadr, law practice, legal consulting, legal research, legal services, legal technology, logistics technology, lzrd, macos, malicious software, malware, malware campaign, management consulting, manufacturing technology, maritime transport, masuta, matrix, media & entertainment, media and entertainment, media distribution, medical services, miori, mirai botnet, mobile carriers, mobile networks, monetastealer, morte, multimedia production, netherlands, nezha, noodle rat, north america, oil & gas, okiru, oracle, oracle e-business suite, oracle ebs, paraguay, passenger transportation, patch, patch available, patient care, phishing, port, power generation, power systems, premier support, process injection, process manufacturing, product development, professional services, public administration, public infrastructure, public policy, python, qilin, quality assurance, quality control, rail transport, ransomware, rat, rce, react, regulatory agencies, regulatory compliance, remote code execution, renewable energy, researched, resgod, restaurant operations, retail trade, risk, risk matrix, romania, rondo, rondobot, russia, satori, security alert, security alerts, shipping services, sliver, social analytics, social media, social media marketing, social media security, social networking, software architecture, software development, software engineering, software testing, source, stealit rat, streaming services, suite, supply chain, supply chain attack, supply chain management, system disruption, t1005, t1021, t1047, t1053, t1055, t1059, t1059.001, t1068, t1071, t1071.001, t1074, t1078, t1090, t1102, t1133, t1190, t1203, t1204, t1210, t1219, t1486, t1490, t1496, t1498, t1499.001, t1499.002, t1499.003, t1505.003, t1555, t1560, t1565, t1566, t1566.001, t1567, t1569.002, t1595, technology hardware, telecom services, telecommunications, threat actor, tor node, torlus, tourism, transportation and warehousing, transportation infrastructure, transportation management, transportation technology, unauthenticated access, united states, user engagement, vshell, vulnerability, vulnerability scan, warehouse operations, warlock ransomware, wicked, xmrig
Activity Timeline
Threat Activity Heatmap · Peak: 2026-06-17
24h: 0 (Dormant)
7d: 1 (Minimal)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
VirusTotal: Not checked
IOC Journey
Medium · First detected 8 months ago · Last seen 4 days ago
Appeared in 13 threat reports