IOC Radar
TLP:WHITE, 27 IOCs

StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader

Securelist
Published June 24, 2026

Malware Families

Diamond Model

Axes: social, technology
Adversary: unknown
Infrastructure (4): ms-record.top, connect-microsoft.com, ms-record.com
Capability (2): Cobalt Strike, Fscan
Victim: unknown

5W+H Threat Analysis

Analysis unavailable

Indicators of Compromise


IOC Relationship Graph

27 total IOCs: CVE 14, MD5 9, Domain 4
Malware (2): Cobalt Strike, Fscan
Report: StrikeShark: investigating