IOCRadar

0b17325373e1e18811b18926d7c28416de333c453d416ced9379cce81833d47c

Type: Hash
Signal Strength: 18% (Moderate Noise)
First Seen: 2025-03-10 23:40:53
Last Seen: 2025-04-25 02:55:20
CATEGORY
malware
protocol specific attack (udp)
ssh attack
win32 malware
operating system specific attack (windows os)
protocol specific attack (rdp)
port scanning and brute force attempts
malicious activity
port scanner
string concatenation malware
MITRE
T1496 - Resource Hijacking
T1055 - Process Injection
T1486 - Data Encrypted for Impact
T1565 - Data Manipulation
T1071.001 - Web Protocol
T1027.002 - Software Packing
T1140 - Deobfuscate/Decode Files or Information
T1055.001 - Dynamic-link Library Injection
T1027 - Obfuscated Files or Information
T1078 - Valid Accounts
TAGS
vulnerability management
windows malware
malicious software
process injection
distributed attacks
command and control
network protocol
network scanning
operating system
credential stuffing
SOCRadar AI Insight

The SHA-256 hash 0b17325373e1e18811b18926d7c28416de333c453d416ced9379cce81833d47c is a critical indicator of compromise (IOC), potentially signaling the presence of malware, specifically the Cassini trojan family, as well as variants associated with Babar, Badur, Blackmoon and Graftor. According to related objects in threat intelligence feeds, this hash has been associated with various malicious activities, including keylogging, file discovery, DLL side-loading, and encrypted communication channels. Its detection warrants immediate investigation because of its potential impact, including data theft, system compromise, and network infiltration. The IOC is associated with multiple threat actor techniques outlined in the MITRE ATT&CK framework, warranting swift and comprehensive mitigation strategies.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: fcb6d1d47c4099638816f02c39668b25.virus
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source                        | Count | Date
SOCRadar Threat Exchange Services  | 2     | 2025-04-25
AlienVault OTX Feeds               | 7     | 2025-04-02

Threat Activity Timeline

Last 24 hours: Moderate
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity