IOCRadar

01ec22c3394eb1661255d2cc646db70a66934c979c2c2d03df10127595dc76a6

Suspicious Hash
25.88%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2025-02-11 08:41:25
LAST SEEN: 2025-04-25 18:41:30
CATEGORY
malware
social engineering
phishing attack
malicious activity
operating system specific attack (Windows OS)
credential stealing phishing campaign
MITRE
T1114 - Email Collection
T1005 - Data from Local System
T1566 - Phishing
T1059 - Command and Scripting Interpreter
T1071 - Application Layer Protocol
T1056 - Input Capture
T1204 - User Execution
T1113 - Screen Capture
T1057 - Process Discovery
T1082 - System Information Discovery
TAGS
credential harvesting
process injection
command and control
vulnerability management
threat actor
distributed attacks
credential theft
operating system
email threat
malicious software
SOCRadar
AI Insight

The SHA256 hash 01ec22c3394eb1661255d2cc646db70a66934c979c2c2d03df10127595dc76a6 is a critical Indicator of Compromise (IOC) associated with a phishing campaign impersonating Booking.com. This campaign is delivering a suite of credential-stealing malware, including AsyncRAT, DanaBot, Lumma Stealer, NetSupport RAT, VenomRAT, and XWorm. Detection of this hash indicates a high probability of malware infection and potential data exfiltration, impacting system confidentiality and integrity. The threat actor, potentially identified as Storm-1865, employs techniques to steal credentials, capture user input, and exfiltrate sensitive information, potentially leading to unauthorized access to critical systems and financial loss. Immediate action is required to contain and remediate any systems associated with this IOC.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: -
File Type: -

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source | Count | Date
Abuse.ch-Hash | 1 | 2025-02-11
SOCRadar Threat Exchange Services | 1 | 2025-04-25
Maltiverse Hash List | 1 | 2025-02-10
VMRay | 1 | 2025-02-09

Threat Activity Timeline

Last 24 hours: Minimal Activity
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity