IOC Radar

TLP:WHITE12 IOCs

Detecting Nimbus Manticore and their sideloading infection chains

NS

Nextron Systems

Published June 1, 2026Original Report

Threat Actors

Malware Families

Diamond Model

Adversary(1)

Infrastructure(2)

Capability(2)

Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise12

Type	Indicator	Confidence	Score	First Seen
Domain	business-joiners-exam.azurewebsiets.net intel-blogmalwarenetwork	High	63	Jun 2, 26
SHA256	620c51f4376cb79f0109c21971c28661418ae50b119585e3ffdb8011189fcb7b file-hashindicatorintel-blog	High	61	Jun 2, 26
SHA256	072744ce205bb89a36e563a86f30df5689e64eee75106b97ce708551c8194bbc file-hashintel-blogmalware	High	56	Jun 2, 26
SHA256	9b63b744dc1f3a24f057a404c5622ed0ca933752a00ce05117727c7d11f05536 file-hashindicatorintel-blog	High	61	Jun 2, 26
URL	https://ebix.recruitment-flow.com/ exploitintel-blogmalware	High	63	Jun 2, 26
SHA256	d1f525eb9347133b92e9558e1413558c8348c0f35a62577f60a5192ba38eb776 file-hashindicatorintel-blog	High	61	Jun 2, 26
SHA256	3628d13d2f8af7663d58dd1aa352c8f12d12233a7318ee203f01f195573a2ed2 file-hashintel-blogmalware	High	56	Jun 2, 26
SHA256	06d12a4c4e3cc725dba37445cebeba41803718ccdb63d9d637355a241f651668 file-hashindicatorintel-blog	High	61	Jun 2, 26
SHA256	c7ef2ec19d158301773b1590f5b5eeb362a30f725acad8f5b3a230e9f26d14be file-hashintel-blogmalware	High	56	Jun 2, 26
SHA256	8e5fc0998838559ca8611e6c03fd998a17ffc2eade24715b2fc3e723c712eb8b file-hashintel-blogmalware	High	56	Jun 2, 26
SHA256	eee657ffdb2af8ed6412221e7d5fbf4f5742f2ac2c88f43f12db46af0697de71 file-hashintel-blogmalware	High	56	Jun 2, 26
SHA256	dfa1e3137a032ee8561a1cd5e1a0f71a10bebb36aef7c336c878638a9c1239ee file-hashintel-blogmalware	High	56	Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph12 total IOCs

DomainSHA256URL

scroll to zoom · drag to pan · click IOC to open