IOCRadar

48c3140af609dd80eb8a7900561ef9229409d9b01447dce4a43b8dabc04dc2d5

Suspicious Hash

24%

SIGNAL STRENGTHQuiet

FIRST SEEN2025-02-25 11:24:55

LAST SEEN2025-04-26 05:58:53

TAGS

code injection

command and control

command execution

credential harvesting

email threat

scripting

code execution

malicious software

process injection

credential theft

SOCRadar

AI Insight

The SHA256 hash 48c3140af609dd80eb8a7900561ef9229409d9b01447dce4a43b8dabc04dc2d5 is a critical Indicator of Compromise (IOC) due to its association with the Loki Password Stealer (PWS), a known information-stealing malware. This malware family is capable of extracting sensitive data, including credentials, from compromised systems. Its presence poses a significant risk of data breaches, financial loss, and reputational damage. This IOC is linked to a campaign observed starting around 2025-02-25 and still active as of 2025-04-26, according to threat intelligence feeds such as Abuse.ch-Hash, SOCRadar, and AlienVault OTX. Its identification necessitates immediate action to prevent further compromise and mitigate potential impact.

Summary

Hash Type:

sha256

MD5:

SHA-1:

SHA-256:

Files:

Bank Slip pdf.zip

File Type:

zip

Top Classifications

Campaign:

Industry:

Country:

Region:

Threat Actors:

Malware:

Feed Sources

Feed Source

Count

Date

Abuse.ch-Hash

2025-02-25

SOCRadar Threat Exchange Services

2025-04-26

AlienVault OTX Feeds

2025-03-22

Threat Activity Timeline

Last 24 hours

Moderate

Last 7 Days

Minimal Activity

Last Month

Minimal Activity

Last 3 Months

Minimal Activity

Extended Threat Intelligence

Free Trial

Stay ahead with proactive cyber threat warnings

Discover how SOCRadar's all-in-one platform can help protect your digital assets with extended threat intelligence, digital risk protection, and attack surface management.