IOCRadar

92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50

Malicious Hash
97.79%
Signal Strength: Slightly Noisy
First Seen: 2023-08-21 11:59:32
Last Seen: 2025-04-26 21:53:02
Category:
malware
scanner
vpn
domain scanner
malicious powershell activity
port scanner
network probing and brute force attempts
protocol specific attack (RDP)
destructive cyber attack with ransomware and wiper deployment
phishing attack
MITRE ATT&CK:
T1027 - Obfuscated Files or Information
T1134 - Access Token Manipulation
T1569.002 - System Services
T1133 - External Remote Services
T1095 - Non-Application Layer Protocol
T1202 - Indirect Command Execution
T1614 - System Location Discovery
T1550 - Use Alternate Authentication Material
T1199 - Trusted Relationship
T1087 - Account Discovery
Tags:
command and control
scripting
protocol exploitation
ingress tool transfer
tcp protocol
active scanning
operating system security
network protocol
data encryption
account security
SOCRadar AI Insight

This SHA-256 hash, 92804faaab2175dc501d73e814663058c78c0a042675a8937266357bcfb96c50, is a critical Indicator of Compromise (IOC) due to its strong association with ransomware activity, specifically the Babuk/Babyk ransomware family. The presence of this hash in an environment strongly suggests a potential ransomware infection, which could lead to data encryption, system disruption, and significant financial losses. Its inclusion in multiple threat feeds, including Cyber Threat Alliance (CTA) and AlienVault, underscores its widespread recognition as a malicious artifact. The diverse range of related objects, from credential dumping to data exfiltration, suggests a sophisticated attacker actively attempting to compromise the system and exfiltrate sensitive information. Immediate investigation and remediation are crucial to prevent further damage.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: mimikatz.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source                              Count   Date
Cyber Threat Alliance (CTA)              1       2023-08-21
AlienVault Ransomware-Firehol            1       2025-04-13
URLhaus Feeds                            2       2025-03-31
SOCRadar Threat Exchange Services        4       2025-04-26

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Moderate