IOCRadar

0872aa73948a79f4d0e92e194e437728

Type: Hash
Signal Strength: 18% (Slightly Noisy)
First Seen: 2025-03-31 09:40:05
Last Seen: 2025-04-22 00:08:51
Category:
malware
ssh attack
database-specific attack (PostgreSQL)
port scan
protocol-specific attack (RDP)
operating-system-specific attack (Windows OS)
database-specific attack (MySQL)
win32 malware
telnet threat
port scanning and brute force attempts
MITRE ATT&CK:
T1110.001 - Password Guessing
T1110.003 - Password Spraying
T1110.004 - Credential Stuffing
T1056.001 - Keylogging
T1055 - Process Injection
T1110 - Brute Force
T1059.004 - Unix Shell
T1565 - Data Manipulation
T1486 - Data Encrypted for Impact
T1040 - Network Sniffing
Tags:
process injection
operating system
windows malware
malicious software
vulnerability management
credential access
credential stuffing
remote services
network security
database security
SOCRadar AI Insight

The MD5 hash 0872aa73948a79f4d0e92e194e437728 is an Indicator of Compromise (IOC) that may point to a malware infection or other malicious activity in the environment. The hash is associated with the file names mrtstub.exe and mrt.exe, names used by components of the Microsoft Malicious Software Removal Tool (MSRT). Because the legitimate tool uses those names, a match on the file name alone proves nothing; the concern is that malicious code could reuse them to masquerade as MSRT, and this hash has been seen alongside other suspicious hashes and network indicators. A successful infection could lead to system compromise, data theft or disruption of services. The hash has been reported by SOCRadar Threat Exchange Services and AlienVault OTX Feeds, but with a signal strength of 18% (Slightly Noisy) and only minimal activity over the last three months, so treat it as a lead to verify rather than a high-confidence verdict. Before acting on a hit, check the file's Authenticode signature and compare its SHA-256 against a known-good MSRT build; MD5 alone is collision-prone and this page lists no SHA-1 or SHA-256, so record the stronger hashes of any match for pivoting. If the file is unsigned, or is running from an unexpected location, investigate and remediate promptly.
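The hunt a practitioner would run on a suspect host, as an added example (this is not code from SOCRadar or from the IOC Radar page): find files carrying the MSRT-style names, compare their MD5 against the feed IOC, and record SHA-1 and SHA-256 for every hit so the analyst has something stronger than MD5 to pivot on. The MD5 and file names are the ones the page lists; the sample paths and file bytes are constructed stand-ins, and the verdict labels are this example's own.

```python
import hashlib
import os
from typing import Dict, Iterable, List, Tuple

# MD5 IOC from the page; every other value below (paths, file bytes) is constructed.
IOC_MD5 = "0872aa73948a79f4d0e92e194e437728"
# File names the page associates with the hash (MSRT component names).
IOC_NAMES = {"mrtstub.exe", "mrt.exe"}

# Constructed sample "files" standing in for a host's filesystem (not real binaries).
SAMPLE_FILES: List[Tuple[str, bytes]] = [
    (r"C:\Users\alice\AppData\Local\Temp\mrtstub.exe", b"MZ\x90\x00constructed-stub-A"),
    (r"C:\Windows\System32\notepad.exe", b"MZ\x90\x00constructed-notepad"),
    (r"D:\staging\MRT.EXE", b"MZ\x90\x00constructed-stub-B"),
]


def md5_hex(data: bytes) -> str:
    return hashlib.md5(data).hexdigest()


def hash_bytes(data: bytes) -> Dict[str, str]:
    """MD5, SHA-1 and SHA-256 of one file's contents. MD5 is what the feed gives
    us; SHA-1/SHA-256 are kept for pivoting, because MD5 is collision-prone and
    the feed page lists no stronger hash."""
    return {
        "md5": md5_hex(data),
        "sha1": hashlib.sha1(data).hexdigest(),
        "sha256": hashlib.sha256(data).hexdigest(),
    }


def base_name(path: str) -> str:
    """Lower-cased file name, accepting both Windows and POSIX separators so the
    triage works on paths collected from a Windows host but analysed elsewhere."""
    return path.replace("\\", "/").rsplit("/", 1)[-1].lower()


def triage(files: Iterable[Tuple[str, bytes]], ioc_md5: str = IOC_MD5) -> List[Dict[str, str]]:
    """Classify each (path, contents) pair against the IOC.

    "ioc_match": MD5 equals the feed IOC; treat as a hit and keep SHA-1/SHA-256.
    "name_only": an MSRT-style file name whose hash differs; verify its Authenticode
                 signature rather than assuming it is benign or malicious.
    "clean":     neither the hash nor the name matches.
    """
    out: List[Dict[str, str]] = []
    for path, data in files:
        digests = hash_bytes(data)
        if digests["md5"] == ioc_md5.lower():
            verdict = "ioc_match"
        elif base_name(path) in IOC_NAMES:
            verdict = "name_only"
        else:
            verdict = "clean"
        out.append({"path": path, "verdict": verdict, **digests})
    return out


def walk_files(root: str, names=IOC_NAMES) -> Iterable[Tuple[str, bytes]]:
    """Yield (path, contents) for files under `root` whose name is in `names`,
    skipping anything unreadable (locked or permission-denied files)."""
    for dirpath, _, filenames in os.walk(root):
        for fn in filenames:
            if fn.lower() in names:
                p = os.path.join(dirpath, fn)
                try:
                    with open(p, "rb") as fh:
                        yield p, fh.read()
                except OSError:
                    continue


def hits(results: List[Dict[str, str]]) -> List[Dict[str, str]]:
    """Only the rows an analyst needs to look at."""
    return [r for r in results if r["verdict"] != "clean"]


if __name__ == "__main__":
    # Offline demo over the constructed sample; on a live host replace
    # SAMPLE_FILES with walk_files(r"C:\").
    for r in hits(triage(SAMPLE_FILES)):
        print(f'{r["verdict"]:10} {r["path"]}  sha256={r["sha256"]}')
```

On the constructed sample no file matches the IOC, so both mrtstub.exe/MRT.EXE copies come back as name_only: that is the deliberate outcome, since a name hit on a tool Microsoft itself ships is a prompt to check the signature, not a verdict. A real ioc_match row carries the SHA-256 you would submit back to the feeds, which currently show only the MD5.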

Summary

Hash Type: md5
MD5: -
SHA-1: -
SHA-256: -
Files: mrtstub.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source                          Count   Date
SOCRadar Threat Exchange Services    1       2025-04-22
AlienVault OTX Feeds                 2       2025-04-03

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity