IOCRadar

96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7

Hash
18%
SIGNAL STRENGTH: Extremely Noisy
FIRST SEEN: 2024-12-15 06:32:11
LAST SEEN: 2025-04-23 09:14:03
CATEGORY
malware
hostname enumeration
information gathering
port scanning and brute force attempts detected
phishing (email threat)
protocol specific attack (rdp)
phishing
system compromise and malware infection
port scanner
domain scanner
MITRE
T1190 - Exploit Public-Facing Application
T1076 - Remote Desktop Protocol
T1563 - Remote Services
T1021.001 - Remote Services
T1021.004 - SSH
T1110 - Brute Force
T1021.002 - SMB/Windows Admin Shares
T1110.002 - Brute Force
T1078 - Valid Accounts
T1018 - Remote System Discovery
TAGS
threat actor
windows malware
command and control
malicious links
code injection
credential access
malicious software
credential harvesting
ingress tool transfer
active scanning
SOCRadar AI Insight

The SHA256 hash 96ad1146eb96877eab5942ae0736b82d8b5e2039a80d3d6932665c1a4c87dcf7 is a high-severity Indicator of Compromise (IOC) identified by SOCRadar Threat Exchange Services and AlienVault OTX Feeds. Its significance stems from its association with numerous attack patterns, including credential dumping, system discovery, and defense evasion, suggesting a potential advanced persistent threat (APT) or sophisticated malware infection. The observed attack patterns strongly indicate that an attacker may be attempting to gain unauthorized access, escalate privileges, and maintain persistence within the compromised environment. Failure to address this IOC could result in a significant data breach, system compromise, or operational disruption. Furthermore, the association with numerous temporary PowerShell files points towards potential PowerShell-based attack vectors often used for malicious script execution and lateral movement.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: __PSScriptPolicyTest_52jfd4xl.fzs.psm1
File Type: txt

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source: SOCRadar Threat Exchange Services; Count: 221; Date: 2025-04-23
Feed Source: AlienVault OTX Feeds; Count: 11; Date: 2025-04-03

Threat Activity Timeline

Last 24 hours: Very Aggressive
Last 7 Days: Very Aggressive
Last Month: Very Aggressive
Last 3 Months: Very Aggressive