IOC Radar
SHA1 · Medium · Signal 90/100

fd582c3b870e69861bfb36b2d990d93c8538e6a2

Location
Brazil
First Seen
Apr 17, 2026
Last Seen
Apr 23, 2026
3
Reports
source reports
90%
Confidence
medium
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-1 Hash
SHA-1 file hash associated with malicious samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA1
Confidence
90%
Signal Score
90 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

8 techniques

Feed Intelligence Summary

3
Source reports
90%
Confidence score
Category tags
active scan, africa, android, apk, arch-doc, asia, banker, banks, brazil, chong lua, cloud, code, contact, contains-elf, egypt, electronic shopping and mail-order houses, executable file, figure, file-hash, hong, indicator, indonesia, infoblox threat, inside, ipv4, k99, keitaro, lucky, malware, mobile, mobile threat, protect, researched, scams & fraud, service, south america, speed, t1027, t1041, t1082, t1105, t1111, t1140, t1204.002, t1566.002, target, telecom, tools, trojan, viper

Activity Timeline

1 total obs
Apr 23

Threat Activity Heatmap

Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), a SHA-1 hash with a high severity score of 90.118, represents a critical threat to organizational security and demands immediate attention. Its presence in the environment signifies potential compromise through malicious files, likely linked to sophisticated scam operations. Left unaddressed, this IOC could facilitate unauthorized system access, data exfiltration, the deployment of additional malicious tools, and broader network compromise, severely impacting …

Threat Score: High Risk
Signal Score: 90
Confidence: 90%
Reports: 3
First seen: Apr 17, 2026
Last seen: Apr 23, 2026

VirusTotal

Not checked

WHOIS

description
Zip archive data, at least v2.0 to extract, compression method=deflate
references
IOCs.2026.csv, https://www.infoblox.com/blog/threat-intelligence/scams-slaves-and-malware-as-a-service-tracking-a-trojan-to-cambodias-scam-centers/


IOC Journey

medium
First detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports