TLP:WHITE
14 IOCs
Microsoft Teams Relay Abused to Stealthily Route Malware Communications
Malware Families
Diamond Model
Adversary
Infrastructure(3)
Capability(2)
Victim
Indicators of Compromise