← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
Malware.B98AC422 Script/Sabsik.EN.A!ml
WHITE FS13JKMK 2026-01-19 Modified: 2026-02-19
78
IOCs
HIGH VOLUME
A Malware emails campaign targeted the users. 0.0 % of the emails that were seen in this attack across Office365 customer base were targeted at the organisation. All domains from same sender IP address 216.131.77.250.
malwareattachmentScript/Sabsik.EN.A!mltrojanzmutzysusparsnakelocker
Indicators of Compromise (3 / 78 total)
All domain FileHash-SHA256 hostname URL
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 ec165353cb99489f5a010c214ef4225669eb16f25980add8ff0996765172c051 Malware family: Script/Sabsik.EN.A!ml 2026-01-19
FileHash-SHA256 ed8cac40cf7a625eb407ffd85fd4f6831475839cde90423395df33fca810f24f trojan.zmutzy/suspar 2026-01-19
FileHash-SHA256 a06b884bdb4cd3cddafb050d16d7bb98ae91c18e72f325e2c4e17569ce5d99f8 Trojan. 2026-01-19
References (5)
↗ https://www.virustotal.com/gui/file/ec165353cb99489f5a010c214ef4225669eb16f25980add8ff0996765172c051 ↗ https://www.virustotal.com/gui/file/a06b884bdb4cd3cddafb050d16d7bb98ae91c18e72f325e2c4e17569ce5d99f8 ↗ https://www.virustotal.com/gui/file/ed8cac40cf7a625eb407ffd85fd4f6831475839cde90423395df33fca810f24f ↗ https://www.virustotal.com/gui/file/0a09e633a3a1b21b0b2d0d6de983774b97112e40b999527d07afab73b7c8ce1c ↗ https://www.virustotal.com/gui/ip-address/216.131.77.250