TLP:WHITE (27 IOCs)
StrikeShark: investigating a new campaign delivering Cobalt Strike through SharkLoader
Indicators of Compromise