IOCRadar

6ea8d7b27d2a6c0e08886f55ef810d66788d973739218270ae38c126a71ed530

Hash
18%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2025-03-31 13:26:39
LAST SEEN: 2025-04-02 16:11:35
CATEGORY
malware
malicious powershell activity
cyber espionage campaign targeting critical infrastructure
MITRE
T1078 - Valid Accounts
T1105 - Ingress Tool Transfer
T1059 - Command and Scripting Interpreter
T1566 - Phishing
T1027 - Obfuscated Files or Information
T1071 - Application Layer Protocol
T1041 - Exfiltration Over Command and Control Channel
T1567 - Account Discovery
T1059.001 - PowerShell
T1086 - PowerShell
TAGS
process injection
distributed attacks
command execution
malicious software
command and control
scripting attacks
silentprism
stealer
malicious provisioning packages
signed msi
SOCRadar
AI Insight

The SHA256 hash 6ea8d7b27d2a6c0e08886f55ef810d66788d973739218270ae38c126a71ed530 is a critical Indicator of Compromise (IOC) associated with multiple malware families, including DarkWisp, EncryptHub Stealer, Rhadamanthys, SilentPrism, and Stealc. These malware families are known for information stealing, credential harvesting, and potentially ransomware deployment. The hash is also linked to the advanced persistent threat (APT) group Water Gamayun, suggesting potential targeted attacks. Detection of this hash within the environment indicates a high probability of malware infection, potentially leading to data exfiltration, system compromise, and significant operational disruption. This necessitates immediate investigation and remediation to prevent further damage.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: -
File Type: -

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

| Feed Source | Count | Date |
| --- | --- | --- |
| AlienVault OTX Feeds | 2 | 2025-04-02 |

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Dormant
Last Month: Minimal Activity
Last 3 Months: Minimal Activity