← Back to Pulse Feed
PULSE DETAIL
PULSE NAME
VirusTotal report for file.exe 100/100 Malicious
WHITE msudosos 2026-03-16 Modified: 2026-04-15
121
IOCs
HIGH VOLUME
Malicious: MZ.exe, a PE32 executable for MS Windows, is being investigated by the University of California, Berkeley, and the Department of Defense (DPC) in the US.
performs dnsfile typecreatessigmasuricata idsunitedshadow copydeletesip addressdownloadswindowdefendermaliciouspersistencenext
MITRE ATT&CK & Malware Families
ATT&CK TECHNIQUES
Indicators of Compromise (6 / 121 total)
All FileHash-MD5 FileHash-SHA1 FileHash-SHA256 URL domain hostname
TYPEINDICATORDESCRIPTIONCREATED
FileHash-SHA256 00a56d8d3171989dc2aa4c00b0595060a60072dd2a6352123e2c27e51735a3c7 2026-03-16
FileHash-SHA256 255a65d30841ab4082bd9d0eea79d49c5ee88f56136157d8d6156aef11c12309 2026-03-16
FileHash-SHA256 2c20a0cbe5f2fa55f71925aba2294a3634b68f5ec4a63277f59bb0b31ed39ece 2026-03-16
FileHash-SHA256 3b8a7ad41563aa45ea784d6c53f841a07f97f77f4d802c0a09278cb5c9aac4f3 2026-03-16
FileHash-SHA256 d8c56f8ec0627c5ab87a21e5e94e6e178a08cdb8f0b71f68607761af4f1c99dc 2026-03-16
FileHash-SHA256 e0d191a6910d7b4438cc34ee8880df40a3457ff1b09248c67c70a1a818d29acf 2026-03-16
References (1)
↗ https://vtbehaviour.commondatastorage.googleapis.com/00a56d8d3171989dc2aa4c00b0595060a60072dd2a6352123e2c27e51735a3c7_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1773659403&Signature=QJMYrJ%2FbZyUR%2FnXCFejuSKApxsi%2Baqbz3LQY0Zf%2BGRA%2FCJAReaZzynjUjdff8AvTdMwy%2BSlqO51qtGljyJi2xTjJwTibTeY9x8BDM2%2Fg1klYPQAx2WEL%2FBRcHfHwvjM0rC5aEGHepSAFknzLxU7anJ6MOKJ9jCuvkGHJTDLnrg4A0V1KL0h3bvXONdJAQgz3pmFcKi6Ky9MEKYGldmfaa6B9BXAhJHLfeQ2ARXhuM9XyhZdVdlxWpK