IOC LOOKUP
// SEARCH IP, DOMAIN, HASH, OR URL AGAINST OTX THREAT INTELLIGENCE
Indicator of Compromise Search
✦ IPv4 Address
✦ Domain
✦ MD5/SHA1/SHA256 Hash
✦ URL
INDICATOR
37f328fc723b2ddf0e7a20b57257cdb29fe9286cb4ffeaac9253cb3b86520235
65
/100
HIGH
CONFIDENCE LEVEL
THREAT CONFIDENCE ANALYSIS
HIGH
65/100 confidence
Strong evidence of malicious activity across multiple sources. Prioritise investigation.
CLEAN
LOW
MED
HIGH
CRIT
0
25
50
75
100
OTX
20/30
4 pulses
VIRUSTOTAL
35/35
41/76 detected
ABUSEIPDB
—/25
IPv4 only
URLHAUS
10/10
LISTED
General Information
| Hash | 37f328fc723b2ddf0e7a20b57257cdb29fe9286cb4ffeaac9253cb3b86520235 |
| File Type | FileHash-MD5 |
AlienVault OTX Analysis
↗ View on OTX
4
PULSE HITS
| Pulse Hits | 4 |
| Indicator Type | SHA256 |
| Threat Level |
ASSOCIATED PULSES
| PULSE NAME | DATE |
|---|---|
| 2024-09-24 | |
| 2024-09-25 | |
| 2024-09-25 | |
| 2024-10-02 |
VirusTotal Analysis
↗ View on VirusTotal
41/76
DETECTIONS
MALICIOUS
| Malicious | 41 |
| Suspicious | 0 |
| Harmless | 0 |
| Undetected | 22 |
| Reputation | -12 |
| File Name | 1.msi |
| File Type | Windows Installer |
| File Size | 30744.0 KB |
TOP DETECTIONS
| VENDOR | RESULT |
|---|---|
| ALYac | Trojan.Agent.GMPS |
| AVG | Win32:MalwareX-gen [Misc] |
| AhnLab-V3 | Dropper/BIN.Agent |
| Antiy-AVL | Trojan[Downloader]/Win32.Rugmi |
| Arcabit | Trojan.Agent.GMPS |
| Avast | Win32:MalwareX-gen [Misc] |
| Avira | TR/Dldr.Rugmi.ertvo |
| BitDefender | Trojan.Agent.GMPS |
| CAT-QuickHeal | Trojan.Ghanarava.17285947237da81b |
| CTX | msi.trojan.rugmi |
URLhaus (abuse.ch)
↗ View on URLhaus
⚠ LISTED
URLHAUS
| URLs Found | 2 |
| First Seen | 2024-09-11 |
| Malware | DanaBot |
| File Type | msi |
ASSOCIATED URLs
| URL | STATUS / TYPE | DATE |
|---|---|---|
| http://89.110.119.45/1.msi | offline | — |
| https://ambccm.com/3.msi | offline | — |