IOCRadar

983f920ffec60b308c02cc07e0abf465c8ba965a

Type: Hash
Score: 18%
Signal Strength: Slightly Noisy
First Seen: 2025-04-18 23:22:58
Last Seen: 2025-04-26 10:48:01
CATEGORY
malware
win32 malware
information gathering
redline stealer malware detection
operating system specific attack (windows os)
social engineering
MITRE
T1071.001 - Web Protocol
T1499.002 - Endpoint DoS
T1499.003 - Network DoS
T1555 - Credentials from Password Stores
T1496 - Resource Hijacking
T1115 - Clipboard Data
T1189 - Drive-by Compromise
T1566.001 - Spear Phishing via Service
T1059.005 - Command and Scripting Interpreter
T1069.001 - Permission Groups Discovery
TAGS
command and control
windows malware
operating system
process injection
credential theft
remote services
malicious software
vulnerability management
distributed attacks
recaptcha
SOCRadar AI Insight

The presence of SHA1 hash 983f920ffec60b308c02cc07e0abf465c8ba965a is a critical Indicator of Compromise (IOC) indicative of a potential RedLine Stealer infection. RedLine Stealer is a prevalent and dangerous commodity stealer known for exfiltrating sensitive information such as credentials, credit card details, and cryptocurrency wallets. Its presence on a system signifies a high risk of data breach, financial loss, and reputational damage. This IOC has been observed in connection with the 'ZKWindow' variant of RedLine Stealer and is associated with Microsoft infrastructure, potentially indicating a supply chain compromise or exploitation of a vulnerability in a Microsoft product or service.

Summary

Hash Type: sha1
MD5: -
SHA-1: -
SHA-256: -
Files: zkwindow.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source                         Count   Date
SOCRadar Threat Exchange Services   2       2025-04-26
AlienVault OTX Feeds                2       2025-04-26

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity