IOC Radar Logo
IOCRadar
IOC Radar Logo
IOCRadar

3b0a4415a78458eab4e8059e803a3336d2e3ce10afd941b94a6b30994448b469

Hash
18%
SIGNAL STRENGTHSlightly Noisy
FIRST SEEN2025-03-31 09:43:02
LAST SEEN2025-04-22 19:21:06
CATEGORY
malware
port scanning and brute force attempts
database spesific attack(postgresql)
port scan
database spesific attack(mysql)
operation system spesific attack(windows os)
win32 malware
telnet threat
ssh attack
protocol spesific attack(rdp)
MITRE
T1595 - Active Scanning
T1499.002 - Endpoint DoS
T1499.003 - Network DoS
T1496 - Resource Hijacking
T1190 - Exploit Public-Facing Application
T1059.003 - SQL Injection
T1505.002 - Server Software Component
T1110.002 - Brute Force
T1076 - Remote Desktop Protocol
T1563 - Remote Services
TAGS
vulnerability management
windows malware
credential stuffing
server exploitation
credential access
protocol exploitation
distributed attacks
command and control
network security
database security
Eye Icon
SOCRadar
AI Insight

The presence of the SHA256 hash 3b0a4415a78458eab4e8059e803a3336d2e3ce10afd941b94a6b30994448b469 is a critical indicator of compromise (IOC) signifying potential malware infection or malicious activity within the environment. This IOC, flagged by multiple threat intelligence feeds, is associated with a high score of 18.0, suggesting a considerable risk. The detection of this hash necessitates immediate investigation and remediation to prevent potential data breaches, system compromise, or operational disruption. Given its relationships with files such as MPASBASE.VDM, MPGEAR.DLL, and MSERT.exe, which are commonly associated with Microsoft Defender Antivirus components (although potentially spoofed by malware), this IOC could represent an attempt to disable or circumvent endpoint protection, or that components of the Antivirus have been compromised. This warrants a high-priority response.

Summary

Hash Type:
sha256
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
MSERT.exe
File Type:
exe

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source
Count
Date
SOCRadar Threat Exchange Services
1
2025-04-22
AlienVault OTX Feeds
3
2025-04-22

Threat Activity Timeline

Last 24 hours
Dormant
Last 7 Days
Minimal Activity
Last Month
Minimal Activity
Last 3 Months
Minimal Activity
Extended Threat Intelligence
Free Trial

Stay ahead with proactive cyber threat warnings

Discover how SOCRadar's all-in-one platform can help protect your digital assets with extended threat intelligence, digital risk protection, and attack surface management.