IOCRadar

d3ceb8c15faf028ea6ec9077320396880f3645cc21bf1f38c405100f526d3650

Suspicious Hash
43%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2025-03-31 09:54:12
LAST SEEN: 2025-04-22 00:40:47
CATEGORY
malware
phishing attack
iot/ics attack
payment system attack
remcos trojan
hostname enumeration
win32 malware
domain scanner
port scanning
software exploitation
MITRE
T1490 - Inhibit System Recovery
T1499.001 - Endpoint Denial of Service
T1105 - Ingress Tool Transfer
T1566 - Phishing
T1027 - Obfuscated Files or Information
T1204.002 - User Execution
T1059.003 - SQL Injection
T1203 - Exploit Software
T1587.001 - Acquire Infrastructure
T1566.001 - Spear Phishing via Service
TAGS
email threat
malicious software
financial services
financial institution
bank security
phishing intelligence
malicious url repository
remote services
process injection
payment security
SOCRadar
AI Insight

The SHA256 hash d3ceb8c15faf028ea6ec9077320396880f3645cc21bf1f38c405100f526d3650 is a high-risk Indicator of Compromise (IOC) due to its association with multiple malware families, including Emotet, Formbook, NanoCore RAT, Quasar RAT, Raccoon Stealer, Redline Stealer, and njRAT. These malware families represent a broad range of threats, from information stealers to remote access trojans (RATs), indicating a significant potential for data exfiltration, system compromise, and further malicious activity within the environment. Its presence signifies a likely intrusion attempt or successful malware infection, demanding immediate investigation and remediation to prevent further damage. This IOC is identified by multiple threat intelligence feeds, including SOCRadar Threat Exchange Services and AlienVault OTX, further validating its malicious nature.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: retro.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

Feed Source | Count | Date
SOCRadar Threat Exchange Services | 1 | 2025-04-22
AlienVault OTX Feeds | 4 | 2025-04-22

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity