IOC LOOKUP
// SEARCH IP, DOMAIN, HASH, OR URL AGAINST OTX THREAT INTELLIGENCE
Indicator of Compromise Search
Bulk Lookup
✦ IPv4 Address ✦ Domain ✦ MD5/SHA1/SHA256 Hash ✦ URL
INDICATOR
2436fe37d25712b68b2e1a9805825bcf5073efb91588c1b5193ba446d1edd319
SHA256 ⚠ 5 PULSE HITS
↓ CSV ↓ JSON
55
/100
HIGH
CONFIDENCE LEVEL
THREAT CONFIDENCE ANALYSIS
HIGH 55/100 confidence
Strong evidence of malicious activity across multiple sources. Prioritise investigation.
CLEAN LOW MED HIGH CRIT
0 25 50 75 100
OTX
20/30
5 pulses
VIRUSTOTAL
35/35
35/76 detected
ABUSEIPDB
/25
IPv4 only
URLHAUS
0/10
NOT LISTED
General Information
Hash2436fe37d25712b68b2e1a9805825bcf5073efb91588c1b5193ba446d1edd319
File TypeFileHash-SHA256
AlienVault OTX Analysis ↗ View on OTX
5
PULSE HITS
Pulse Hits 5
Indicator Type SHA256
Threat Level
ASSOCIATED PULSES
PULSE NAMEDATE
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware 2024-09-24
Threatfox Recent Additions 2024-11-09
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware | Proofpoint US 2024-09-25
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware | Proofpoint US 2024-09-25
Security Brief: Actor Uses Compromised Accounts, Customized Social Engineering to Target Transport and Logistics Firms with Malware 2024-10-02
VirusTotal Analysis ↗ View on VirusTotal
35/76
DETECTIONS
MALICIOUS
Malicious 35
Suspicious 0
Harmless 0
Undetected 27
Reputation -9
File Name rate_confirmation.vbs
File Type VBA
File Size 21.9 KB
TOP DETECTIONS
VENDORRESULT
ALYac GT:VB.MltCllSpReFf.1.495DC54C
AVG Script:SNH-gen [Trj]
AhnLab-V3 Downloader/VBS.Generic.SC205575
Arcabit GT:VB.MltCllSpReFf.1.495DC54C
Avast Script:SNH-gen [Trj]
BitDefender GT:VB.MltCllSpReFf.1.495DC54C
CTX vba.trojan.guloader
ClamAV Win.Dropper.XWorm-10036812-0
Cynet Malicious (score: 99)
DrWeb VBS.DownLoader.3392
URLhaus (abuse.ch) ↗ View on URLhaus
✓ NOT LISTED No malicious activity found in URLhaus database.