SHA1 · Medium · Signal 100/100
e10361a11f8a7f232ac3cb2125c1875a0a69a3e4
Location
First Seen
Jul 15, 2022
Last Seen
Jun 4, 2026
Found in 9 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
Source reports
9
Confidence score
99%
Category tags
Activity Timeline
Jun 4
Threat Activity Heatmap
Peak: 2026-06-04
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 1 (Minimal)
3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 9
First seen: Jul 15, 2022
Last seen: Jun 4, 2026
VirusTotal
Not checked
WHOIS
Description
As summer winds down, a seasoned agent reflects on a journey through Seattle and the Olympic Peninsula, highlighting the importance of digital security during travel. The article provides practical cybersecurity tips for travelers, emphasizing the need to update devices, back up data, avoid public Wi-Fi, and use VPNs. It also mentions a Russian state-backed group, Static Tundra, exploiting unpatched Cisco devices using a seven-year-old vulnerability. The report includes updates on recent cybersecurity incidents, such as the Workday data breach and a novel 5G attack method. It concludes with information on upcoming events and prevalent malware files detected by Talos telemetry.
IOC Journey
Medium · First detected 3 years ago · Last seen 12 days ago
Appeared in 9 threat reports