IOC Radar
TLP:WHITE3 IOCs

Hackers Use Steganographic Loader to Deliver Remcos RAT via Phishing Attachments

CP
Cyber Press
Published June 22, 2026Original Report

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYunknownINFRASTRUCTUREunknownCAPABILITYAgentTeslaFormBookRemcosVICTIMunknown
Adversary
Infrastructure
Capability(3)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise3

TypeIndicatorConfidenceScoreFirst Seen
MD5c2e25aba8e2ad4cafdd6c633b8ca0906
file-hashintel-blogmalware
Medium
53
Jun 23, 26
MD5afe085b7324d72673eef749ff5f21a49
file-hashintel-blogmalware
Medium
53
Jun 23, 26
MD5897abf678edad72998554ec18675092f
file-hashintel-blogmalware
High
85
Jun 8, 26

IOC Relationship Graph

IOC Relationship Graph3 total IOCs
MD5
MD53Malware3REPORTHackers Use SteganographicAgentTeslaFormBookRemcos
scroll to zoom · drag to pan · click IOC to open