IOCRadar

dd2a954ce7131c5dfb2577430808f6aa5d5a364d8e37c06ad0fcf68442388cc4

Suspicious Hash
24%
SIGNAL STRENGTH: Slightly Noisy
FIRST SEEN: 2025-03-31 09:54:12
LAST SEEN: 2025-04-23 14:05:12
CATEGORY
malware
network scanning and brute force attempts detected
protocol specific attack (rdp)
protocol specific attack (udp)
win32 malware
port scanning
malicious powershell activity
ssh attack
scripting attack (js)
social engineering
MITRE
T1486 - Data Encrypted for Impact
T1583 - Acquire Infrastructure
T1059.007 - Command and Scripting Interpreter
T1068 - Exploitation for Privilege Escalation
T1110.002 - Brute Force
T1078 - Valid Accounts
T1071 - Application Layer Protocol
T1069.001 - Permission Groups Discovery
T1021 - Remote Services
T1005 - Data from Local System
TAGS
credential stuffing
malicious software
command execution
remote services
process injection
scripting attacks
network attacks
denial of service
network scanning
distributed attacks
SOCRadar
AI Insight

The presence of the SHA256 hash dd2a954ce7131c5dfb2577430808f6aa5d5a364d8e37c06ad0fcf68442388cc4 is a significant indicator of potential compromise, likely related to a potentially malicious file masquerading as a legitimate software component, software_reporter_tool.exe. Its relatively high score of 24.0 from multiple threat intelligence feeds (SOCRadar Threat Exchange Services, AlienVault OTX Feeds), coupled with associated network connections to known Microsoft infrastructure alongside suspicious IPs, suggests a sophisticated threat actor attempting to blend in with legitimate traffic, potentially for command and control or data exfiltration. Failure to address this IOC could lead to malware infection, lateral movement within the network, and ultimately, data breach or system compromise. This activity warrants immediate investigation and containment.

Summary

Hash Type: sha256
MD5: -
SHA-1: -
SHA-256: -
Files: software_reporter_tool.exe
File Type: exe

Top Classifications

Campaign: -
Industry: -
Country: -
Region: -
Threat Actors: -
Malware: -

Feed Sources

| Feed Source | Count | Date |
| --- | --- | --- |
| SOCRadar Threat Exchange Services | 3 | 2025-04-23 |
| AlienVault OTX Feeds | 4 | 2025-04-23 |

Threat Activity Timeline

Last 24 hours: Dormant
Last 7 Days: Minimal Activity
Last Month: Minimal Activity
Last 3 Months: Minimal Activity