IOCRadar

690abe98f8e88e3e5180028527c4342cb8214a2c

Suspicious Hash
36.5%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2025-03-18 15:13:06
LAST SEEN: 2025-04-24 23:28:03
CATEGORY
malware
phishing attack
social engineering
phishing campaign distributing guloader malware
phishing(email threat)
phishing
MITRE
T1059.005 - Command and Scripting Interpreter
T1105 - Ingress Tool Transfer
T1566 - Phishing
T1027 - Obfuscated Files or Information
T1189 - Drive-by Compromise
T1566.004 - Spear Phishing Link
T1566.001 - Spear Phishing via Service
T1566.002 - Spear Phishing via Service
T1566.003 - Spear Phishing Attachment
T1547 - Boot or Logon Autostart Execution
TAGS
distributed attacks
credential harvesting
malicious software
process injection
email threat
command and control
polysyndetic
asec
downloader
malware analysis
SOCRadar
AI Insight

The presence of SHA1 hash 690abe98f8e88e3e5180028527c4342cb8214a2c is a significant Indicator of Compromise (IOC), indicative of potential malware infection, specifically linked to GuLoader and Xworm malware families, frequently distributed through phishing campaigns. This hash is strongly associated with malicious activity based on multiple threat intelligence feeds, including Abuse.ch-Hash, Threatview.io Feeds, SOCRadar Threat Exchange Services, Maltiverse Hash List, and AlienVault OTX Feeds. Its presence suggests a potential breach or ongoing malicious activity within the organization's environment. The observed MITRE ATT&CK mappings highlight the attacker's potential use of process injection, boot or logon autostart execution, and phishing techniques, which could lead to unauthorized system access, data compromise, and/or further propagation of malware. Immediate action is required to assess and mitigate any potential impact.

Summary

Hash Type: sha1
MD5: -
SHA-1: -
SHA-256: -
Files: awb_fedex_documents_delivery_18_03_2025_000000000.vbs
File Type: vbs

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

| Feed Source | Count | Date |
| --- | --- | --- |
| Abuse.ch-Hash | 1 | 2025-03-18 |
| Threatview.io Feeds | 2 | 2025-04-16 |
| SOCRadar Threat Exchange Services | 4 | 2025-04-24 |
| Maltiverse Hash List | 1 | 2025-03-18 |

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Moderate
Last Month: Minimal Activity
Last 3 Months: Minimal Activity