← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
IOC - Threat Bulletin: Critical eScan Supply Chain Compromise
On January 20, 2026, Morphisec identified an active supply chain compromise affecting MicroWorld Technologies’ eScan antivirus product. Malicious updates were distributed through eScan’s legitimate update infrastructure, resulting in the deployment of multi-stage malware to enterprise and consumer endpoints globally.
Indicators of Compromise (17)
| TYPE | INDICATOR | DESCRIPTION | CREATED | |
|---|---|---|---|---|
| FileHash-MD5 | 350b82fa70888eee712fb08fed90a14d | MD5 of 386a16926aff225abc31f73e8e040ac0c53fb093e7daf3fbd6903c157d88958c | 2026-01-30 | |
| FileHash-MD5 | 8c96e393be264bce1789a93b59cb6853 | MD5 of bec369597633eac7cc27a698288e4ae8d12bdd9b01946e73a28e1423b17252b1 | 2026-01-30 | |
| FileHash-MD5 | b6373e6f0e6dcd2fbe8cb437a3130ac1 | MD5 of 674943387cc7e0fd18d0d6278e6e4f7a0f3059ee6ef94e0976fae6954ffd40dd | 2026-01-30 | |
| FileHash-SHA1 | 1617949c0c9daa2d2a5a80f1028aeb95ce1c0dee | SHA1 of 386a16926aff225abc31f73e8e040ac0c53fb093e7daf3fbd6903c157d88958c | 2026-01-30 | |
| FileHash-SHA1 | 2d2d58700a40642e189f3f1ccea41337486947f5 | SHA1 of bec369597633eac7cc27a698288e4ae8d12bdd9b01946e73a28e1423b17252b1 | 2026-01-30 | |
| FileHash-SHA1 | 76b0d9d51537da06707afa97b4ae981ed6d03483 | — | 2026-01-30 | |
| FileHash-SHA1 | a928bddfaa536c11c28c8d2c5d16e27cbeaf6357 | SHA1 of 674943387cc7e0fd18d0d6278e6e4f7a0f3059ee6ef94e0976fae6954ffd40dd | 2026-01-30 | |
| FileHash-SHA256 | 36ef2ec9ada035c56644f677dab65946798575e1d8b14f1365f22d7c68269860 | — | 2026-01-30 | |
| FileHash-SHA256 | 386a16926aff225abc31f73e8e040ac0c53fb093e7daf3fbd6903c157d88958c | — | 2026-01-30 | |
| FileHash-SHA256 | 674943387cc7e0fd18d0d6278e6e4f7a0f3059ee6ef94e0976fae6954ffd40dd | — | 2026-01-30 | |
| FileHash-SHA256 | bec369597633eac7cc27a698288e4ae8d12bdd9b01946e73a28e1423b17252b1 | — | 2026-01-30 | |
| URL | http://codegiant.io/dd/dd/dd.git/download/main/middleware.ts | — | 2026-01-30 | |
| URL | http://vhs.delrosal.net/i | — | 2026-01-30 | |
| domain | codegiant.io | — | 2026-01-30 | |
| hostname | 504e1a42.host.njalla.net | — | 2026-01-30 | |
| hostname | blackice.sol-domain.org | — | 2026-01-30 | |
| hostname | vhs.delrosal.net | — | 2026-01-30 |