IOCRadar

0bc5342be0bc62f151da889b7fe95b05bbbdd5b6cda89ce1f4433b7c38675890

Hash
18%
SIGNAL STRENGTH: Extremely Noisy
FIRST SEEN: 2025-03-04 19:43:25
LAST SEEN: 2025-04-11 05:42:25
CATEGORY
honeypot
malware
ssh attack
port scanner
port scanning
malicious activity
network probing
sftp attack
brute force and port scanning activity
MITRE
T1499.002 - Endpoint DoS
T1499.003 - Network DoS
T1110.001 - Password Guessing
T1110.003 - Password Spraying
T1021 - Remote Services
T1041 - Exfiltration Over Command and Control Channel
T1595.001 - Active Scanning
T1595.002 - Port Scanning
T1595.003 - Network Scanning
T1021.004 - SSH
TAGS
cowrie honeypot
ssh monitoring
malicious software
process injection
distributed attacks
command and control
threat actor
decoy system
credential stuffing
active scanning
SOCRadar
AI Insight

The presence of the SHA256 hash 0bc5342be0bc62f151da889b7fe95b05bbbdd5b6cda89ce1f4433b7c38675890 is a critical indicator of compromise (IOC) signaling potential malicious activity within the environment. This hash, not whitelisted and exhibiting a high score of 18.0, is strongly linked to a potentially malicious file or process and warrants immediate investigation. The association with AlienVault OTX Feeds, coupled with reports from a Cowrie honeypot, suggests the hash is linked to active attacks targeting exposed services. Failure to address this IOC could result in system compromise, data theft, or further propagation of malware within the network. The identified activity is most likely connected to opportunistic threat actors scanning for and exploiting vulnerable systems. This hash was first seen in March 2025, and activity continued to be observed until April 2025.

Summary

Hash Type:
sha256
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
-
File Type:
-

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source | Count | Date
AlienVault OTX Feeds | 177 | 2025-04-11

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Dormant
Last Month: Very Aggressive
Last 3 Months: Very Aggressive