IOC Radar
TLP:WHITE · 3 IOCs

Hackers Use Potemkin Loader to Deliver RMMProject RAT in ClickFix Intrusion

Cyber Press
Published June 17, 2026 · Original Report

Malware Families

Diamond Model

Adversary: unknown
Infrastructure: unknown
Capability (1): XWorm
Victim: unknown

Attack Flow
10 steps · MITRE ATT&CK mapped

Step 1/10: Initial Access · TA0001 · T1566
Technique: Phishing
Action: Trick user into execution
Victims are tricked into copying and executing a malicious command in the Windows Run dialog.


Indicators of Compromise

| Type | Indicator | Tags | Confidence | Score | First Seen |
|------|-----------|------|------------|-------|------------|
| MD5 | 1df4d1a69c1442a88c71dd106be894e0 | apt, espionage, exploit | Medium | 53 | Jun 18, 26 |
| MD5 | 3eb6f92aedf74f109c7b4b0897ec39a8 | apt, espionage, exploit | High | 60 | Jun 11, 26 |
| MD5 | e4d32349946c467ca2693c3da20f3701 | apt, espionage, exploit | Medium | 53 | Jun 18, 26 |

IOC Relationship Graph

[Graph: 3 total IOCs (3 MD5) and 1 malware family (XWorm), linked to this report]