IOC Radar Logo
IOCRadar
IOC Radar Logo
IOCRadar

bdca35c097edf5a4fb42bc6d06e9bdfcef5c9a20

Hash
18%
SIGNAL STRENGTHSlightly Noisy
FIRST SEEN2025-03-31 09:40:05
LAST SEEN2025-04-22 20:36:26
CATEGORY
malware
database spesific attack(postgresql)
port scanning and brute force attempts
database spesific attack(mysql)
operation system spesific attack(windows os)
win32 malware
telnet threat
ssh attack
port scan
protocol spesific attack(rdp)
MITRE
T1595 - Active Scanning
T1499.002 - Endpoint DoS
T1499.003 - Network DoS
T1496 - Resource Hijacking
T1190 - Exploit Public-Facing Application
T1059.003 - SQL Injection
T1505.002 - Server Software Component
T1110.002 - Brute Force
T1076 - Remote Desktop Protocol
T1563 - Remote Services
TAGS
windows malware
malicious software
server exploitation
credential access
protocol exploitation
distributed attacks
command and control
network security
database security
remote services
Eye Icon
SOCRadar
AI Insight

The SHA1 hash bdca35c097edf5a4fb42bc6d06e9bdfcef5c9a20 is a critical Indicator of Compromise (IOC) associated with potential malware infections. Analysis from SOCRadar Threat Exchange Services and AlienVault OTX Feeds, along with VirusTotal reports, strongly suggests this hash is linked to malicious files, including variants of MPGEAR.DLL, mpengine.dll, mrt.exe, and mrtstub.exe. These files are components commonly associated with the Windows Malicious Software Removal Tool (MSRT), but the detected hash likely represents a compromised or malicious version being used for nefarious purposes, such as initial access or persistence within the compromised system. This could lead to data theft, system compromise, or further deployment of malware across the network. Immediate action is required to identify and remediate any systems where this hash is detected.

Summary

Hash Type:
sha1
MD5:
-
SHA-1:
-
SHA-256:
-
Files:
mrtstub.exe
File Type:
exe

Top Classifications

Campaign:
-
Industry:
-
Country:
-
Region:
-
Threat Actors:
-
Malware:
-

Feed Sources

Feed Source
Count
Date
SOCRadar Threat Exchange Services
1
2025-04-22
AlienVault OTX Feeds
2
2025-04-03

Threat Activity Timeline

Last 24 hours
Minimal Activity
Last 7 Days
Minimal Activity
Last Month
Minimal Activity
Last 3 Months
Minimal Activity
Extended Threat Intelligence
Free Trial

Stay ahead with proactive cyber threat warnings

Discover how SOCRadar's all-in-one platform can help protect your digital assets with extended threat intelligence, digital risk protection, and attack surface management.