IOC Radar
TLP:WHITE
5 IOCs

Inside Kimsuky’s CHM Tradecraft: Multi-Stage Execution and Selective Payload Delivery

Synaptic Systems
Published June 29, 2026

Diamond Model

Adversary (3): APT43, Hive, Kimsuky
Infrastructure: unknown
Capability (1): Hive
Victim: unknown

Indicators of Compromise

5 indicators

