IOC Radar
TLP:WHITE5 IOCs

Kazuar: Anatomy of a nation-state botnet

MT
Microsoft Threat Intelligence
Published May 14, 2026Original Report

Threat Actors

Malware Families

Diamond Model

SOCIAL AXISTECHNOLOGY AXISADVERSARYTurlaINFRASTRUCTUREunknownCAPABILITYPsExecVICTIMunknown
Adversary(1)
Infrastructure
Capability(1)
Victim

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise

Indicators of Compromise5

TypeIndicatorConfidenceScoreFirst Seen
SHA256c1f278f88275e07cc03bd390fe1cbeedd55933110c6fd16de4187f4c4aaf42b9
file-hashintel-blogloader
Medium
53
Jun 2, 26
SHA2566eb31006ca318a21eb619d008226f08e287f753aec9042269203290462eaa00d
file-hashintel-blogloader
Medium
53
Jun 2, 26
SHA25669908f05b436bd97baae56296bf9b9e734486516f9bb9938c2b8752e152315d4
file-hashintel-blogloader
Medium
53
Jun 2, 26
MD582760b84f1d703d596c79b88ba4fac1e
file-hashintel-blogmalware
Medium
53
Jun 2, 26
SHA256436cfce71290c2fc2f2c362541db68ced6847c66a73b55487e5e5c73b0636c85
file-hashintel-blogmalware
Medium
53
Jun 2, 26

IOC Relationship Graph

IOC Relationship Graph5 total IOCs
SHA256MD5
SHA2564MD51Actors1Malware1REPORTKazuar: Anatomy of a natioTurlaPsExec
scroll to zoom · drag to pan · click IOC to open