IOC Radar Logo
IOCRadar
IOC Radar Logo
IOCRadar

9cf16b3f88081fadc17a2edd8cda21d0

Suspicious Hash
32.5%
SIGNAL STRENGTHSlightly Noisy
FIRST SEEN2024-06-13 18:42:39
LAST SEEN2025-04-24 20:05:28
CATEGORY
malware
malicious activity
cryptocurrency threats
attacker
port scanner
kinsing malware campaign: brute force attempts & privilege escalation
ssh attack
MITRE
T1078 - Valid Accounts
T1018 - Remote System Discovery
T1105 - Ingress Tool Transfer
T1059 - Command and Scripting Interpreter
T1027 - Obfuscated Files or Information
T1021 - Remote Services
T1595.001 - Active Scanning
T1595.002 - Port Scanning
T1595.003 - Network Scanning
T1546.003 - Windows Management Instrumentation Event Subscription
TAGS
credential stuffing
active scanning
malicious software
process injection
privilege escalation
network scanning
command and control
distributed attacks
threat actor
resource hijacking
Eye Icon
SOCRadar
AI Insight

The presence of the MD5 hash 9cf16b3f88081fadc17a2edd8cda21d0 is a significant indicator of compromise, potentially signaling the presence of the Kinsing malware, a notorious threat targeting Linux systems to perform resource hijacking (T1496). This malware often propagates through exploiting vulnerabilities and misconfigurations, leading to unauthorized access, cryptocurrency mining, and other malicious activities. Its successful deployment can severely impact system performance, availability, and data integrity. Detected across multiple reputable threat intelligence feeds and associated with related attack patterns, files, hashes, hostnames and IPs, this IOC requires immediate attention to prevent further infection and damage.

Summary

Hash Type:
md5
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
pg2.sh
File Type:
sh

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source
Count
Date
OSINT DigitalSide.it
1
2024-05-31
Threatview.io Feeds
1
2024-05-10
SOCRadar Threat Exchange Services
1
2025-04-24
Maltiverse Hash List
1
2024-06-13

Threat Activity Timeline

Last 24 hours
Minimal Activity
Last 7 Days
Minimal Activity
Last Month
Minimal Activity
Last 3 Months
Minimal Activity
Extended Threat Intelligence
Free Trial

Stay ahead with proactive cyber threat warnings

Discover how SOCRadar's all-in-one platform can help protect your digital assets with extended threat intelligence, digital risk protection, and attack surface management.