IOCRadar

6b6b2fa135738671e1a1f90ddd5fe4f567b1b7d9415ea8ebc32b56f846dca607

Suspicious Hash
23.7%
SIGNAL STRENGTH: Quiet
FIRST SEEN: 2025-02-12 08:41:42
LAST SEEN: 2025-04-26 02:26:18
CATEGORY
malware
phishing campaign
win32 malware
cryptocurrency credential stealing malware activity
information stealer
operating system specific attack (windows os)
MITRE
T1005 - Data from Local System
T1059 - Command and Scripting Interpreter
T1566 - Phishing
T1027 - Obfuscated Files or Information
T1071 - Application Layer Protocol
T1115 - Clipboard Data
T1056 - Input Capture
T1041 - Exfiltration Over Command and Control Channel
T1003 - OS Credential Dumping
T1189 - Drive-by Compromise
TAGS
command and control
distributed attacks
vulnerability management
credential theft
malicious software
remote services
account compromise
operating system
windows malware
process injection
SOCRadar
AI Insight

SHA256 hash 6b6b2fa135738671e1a1f90ddd5fe4f567b1b7d9415ea8ebc32b56f846dca607 is a critical indicator of compromise, strongly suggesting the presence of the CryptBot stealer malware within the environment. CryptBot is known for stealing credentials and sensitive data from local systems and the clipboard, and for exfiltrating this data to command and control (C2) servers. Its presence indicates a significant risk of data breach, financial loss, and reputational damage. This IOC's relevance is amplified by its association with known CryptBot campaigns observed as recently as March 20, 2025, indicating an active and ongoing threat.

Summary

Hash Type:
sha256
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
9b5979457a083498360f2f8c802b31a4710f7bbe.bin
File Type:
exe

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source | Count | Date
Abuse.ch-Hash | 1 | 2025-02-12
SOCRadar Threat Exchange Services | 2 | 2025-04-26
Maltiverse Hash List | 1 | 2025-02-12
FileScan.io - Suspicious | 1 | 2025-02-11

Threat Activity Timeline

Last 24 hours: Moderate
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity