IOCRadar

7e95d86d67dcd91976d76d6e320b5b44b17948d5c583009faf1f5ecc951ac8db

Hash
SIGNAL STRENGTH: Slightly Noisy (18%)
FIRST SEEN: 2025-03-26 02:43:15
LAST SEEN: 2025-03-29 17:39:10
CATEGORY
malware
region specific attack (europe)
data leak - election data
MITRE
T1078 - Valid Accounts
T1496 - Resource Hijacking
T1566 - Phishing
T1190 - Exploit Public-Facing Application
T1003 - OS Credential Dumping
T1055 - Process Injection
T1486 - Data Encrypted for Impact
T1565 - Data Manipulation
T1071.001 - Application Layer Protocol: Web Protocols
T1499.002 - Endpoint Denial of Service: Service Exhaustion Flood
TAGS
distributed attacks
command and control
malicious software
regional security
credential theft
eu cyber policies
process injection
data exfiltration
pii exposure
botnet
SOCRadar AI Insight

The SHA-256 hash 7e95d86d67dcd91976d76d6e320b5b44b17948d5c583009faf1f5ecc951ac8db is reported by AlienVault OTX in a pulse named 'win.revil - 02.23.25' (count 3; created 2025-03-26 02:43:15, modified 2025-03-29 17:39:10), which attributes the file to REvil, also known as Sodinokibi. REvil is a ransomware-as-a-service (RaaS) operation active since 2019 that has been responsible for numerous high-profile intrusions, with widespread data encryption, system unavailability and extortion demands as the typical impact. A match on this digest in EDR, antivirus, proxy or sandbox telemetry means a file with exactly this content was present on the host and warrants immediate investigation. Two caveats apply before acting on the label alone. First, this page carries no MD5, SHA-1, file type or sample for the hash, the attribution rests on a single feed source, and the signal strength is rated Slightly Noisy (18%), so corroborate a hit with a second source or a sandbox detonation and pivot to the host's process, network and file-write activity rather than treating the hash match as proof of a REvil incident. Second, a SHA-256 digest is exact and brittle: any change to the file, including repacking, produces a different hash, so the absence of a match does not clear a host, and the MITRE techniques and tags listed above are aggregated feed annotations for the family rather than behaviour observed from this specific file.
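The check a responder actually runs against a hash IOC like this one is a sweep of file systems and existing telemetry for an exact digest match. The script below is an added example written for this page, not SOCRadar or OTX code; it takes the hash from this page as its IOC set, streams file contents so large binaries are not loaded into memory, normalises case so an upper-case copy of the hash from another feed still matches, and only counts a log token as a hit when it is a whole 64-hex word, so truncated or embedded hashes do not produce false positives. The log lines it scans are constructed for the dry run and are not real telemetry.

```python
"""Hunt for a SHA-256 file IOC on disk and in exported log text (added example)."""
import hashlib
import os
import re
from typing import Dict, Iterable, List, Set, Tuple

# The IOC from this page. Any further hashes added here are an assumption.
IOCS: Set[str] = {
    "7e95d86d67dcd91976d76d6e320b5b44b17948d5c583009faf1f5ecc951ac8db",
}

# Whole-token, case-insensitive 64-hex match: a longer hex run or a
# truncated hash inside a log line must never count as a hit.
SHA256_RE = re.compile(r"(?<![0-9a-fA-F])[0-9a-fA-F]{64}(?![0-9a-fA-F])")


def normalise(iocs: Iterable[str]) -> Set[str]:
    """Lower-case and validate digests so feed copies in either case match."""
    out: Set[str] = set()
    for h in iocs:
        h = h.strip().lower()
        if not re.fullmatch(r"[0-9a-f]{64}", h):
            raise ValueError(f"not a SHA-256 hex digest: {h!r}")
        out.add(h)
    return out


def sha256_file(path: str, chunk: int = 1 << 20) -> str:
    """Stream the file in 1 MiB blocks; never read a whole binary into memory."""
    digest = hashlib.sha256()
    with open(path, "rb") as fh:
        for block in iter(lambda: fh.read(chunk), b""):
            digest.update(block)
    return digest.hexdigest()


def hunt_files(root: str, iocs: Iterable[str]) -> List[Tuple[str, str]]:
    """Return (path, sha256) for every regular file under root whose digest is an IOC.

    Symlinks are skipped so a sweep cannot be redirected, and unreadable files
    are skipped rather than aborting the whole sweep.
    """
    wanted = normalise(iocs)
    hits: List[Tuple[str, str]] = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            if os.path.islink(path) or not os.path.isfile(path):
                continue
            try:
                h = sha256_file(path)
            except OSError:
                continue
            if h in wanted:
                hits.append((path, h))
    return hits


def scan_log_lines(lines: Iterable[str], iocs: Iterable[str]) -> Dict[str, List[int]]:
    """Map each IOC to the 1-based line numbers that mention it as a whole token.

    Suitable for EDR, proxy or AV exports where the file hash is a field.
    """
    wanted = normalise(iocs)
    seen: Dict[str, List[int]] = {h: [] for h in wanted}
    for n, line in enumerate(lines, 1):
        for token in SHA256_RE.findall(line):
            h = token.lower()
            if h in seen:
                seen[h].append(n)
    return {h: ns for h, ns in seen.items() if ns}


# Constructed EDR-style log lines for a dry run (not real telemetry).
# Line 1 carries the page's hash in upper case; line 2 carries a different
# digest; line 3 carries no hash at all.
SAMPLE_LOG = [
    "2025-03-27T09:12:44Z host=ws-042 event=ProcessCreate "
    "image=C:\\Users\\a\\AppData\\Local\\Temp\\up.exe "
    "sha256=7E95D86D67DCD91976D76D6E320B5B44B17948D5C583009FAF1F5ECC951AC8DB",
    "2025-03-27T09:12:45Z host=ws-042 event=FileWrite path=C:\\Users\\a\\readme.txt "
    "sha256=0000000000000000000000000000000000000000000000000000000000000000",
    "2025-03-27T09:13:01Z host=ws-042 event=DnsQuery name=example.invalid",
]

if __name__ == "__main__":
    print(scan_log_lines(SAMPLE_LOG, IOCS))
    print(hunt_files(".", IOCS))
```

Run it from an incident triage host with `root` pointed at the suspect volume; a hit from `hunt_files` is the confirmation that the exact file was present, while `scan_log_lines` over an EDR export tells you which hosts and which events touched it, which is the pivot into process and network activity that the hash alone cannot give.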

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: -
File Type: -

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source | Count | Date
AlienVault OTX Feeds | 3 | 2025-03-29

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Dormant
Last Month: Minimal Activity
Last 3 Months: Minimal Activity