IOCRadar

ab83a2e527d4182c94ab66815c5f7548d6fa9ab1

Hash
18%
SIGNAL STRENGTH: Moderate Noise
FIRST SEEN: 2025-03-31 09:40:05
LAST SEEN: 2025-04-23 06:36:12
CATEGORY
malware
port scan
protocol specific attack (rdp)
port scanning and brute force attempts
ssh attack
database specific attack (postgresql)
win32 malware
database specific attack (mysql)
telnet threat
operating system specific attack (windows os)
MITRE
T1595 - Active Scanning
T1499.002 - Endpoint DoS
T1499.003 - Network DoS
T1496 - Resource Hijacking
T1190 - Exploit Public-Facing Application
T1059.003 - SQL Injection
T1505.002 - Server Software Component
T1110.002 - Brute Force
T1076 - Remote Desktop Protocol
T1563 - Remote Services
TAGS
command and control
database security
credential stuffing
malicious software
server exploitation
process injection
protocol exploitation
distributed attacks
credential access
remote services
SOCRadar
AI Insight

The presence of the SHA1 hash ab83a2e527d4182c94ab66815c5f7548d6fa9ab1 is a significant Indicator of Compromise (IOC) indicating potential malware infection or malicious activity within the environment. This particular hash is associated with multiple potentially malicious files, including 'mrt.exe' and 'mrtstub.exe', suggesting a possible connection to the Microsoft Malicious Software Removal Tool (MSRT) being abused or spoofed. The high score of 18.0 and reports from multiple threat intelligence feeds (SOCRadar Threat Exchange Services and AlienVault OTX) highlight the urgency of investigating and remediating any instances of this IOC. Failure to address this could lead to system compromise, data theft, or further propagation of malware within the network.

Summary

Hash Type:
sha1
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
mrtstub.exe
File Type:
exe

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source | Count | Date
SOCRadar Threat Exchange Services | 3 | 2025-04-23
AlienVault OTX Feeds | 3 | 2025-04-21

Threat Activity Timeline

Last 24 hours
Moderate
Last 7 Days
Minimal Activity
Last Month
Minimal Activity
Last 3 Months
Minimal Activity