IOC LOOKUP
// SEARCH IP, DOMAIN, HASH, OR URL AGAINST OTX THREAT INTELLIGENCE
Indicator of Compromise Search
✦ IPv4 Address
✦ Domain
✦ MD5/SHA1/SHA256 Hash
✦ URL
INDICATOR
b1d1a2c64474d2f6e7a5db71ccbafa31
55
/100
HIGH
CONFIDENCE LEVEL
THREAT CONFIDENCE ANALYSIS
HIGH
55/100 confidence
Strong evidence of malicious activity across multiple sources. Prioritise investigation.
CLEAN
LOW
MED
HIGH
CRIT
0
25
50
75
100
OTX
20/30
4 pulses
VIRUSTOTAL
35/35
59/76 detected
ABUSEIPDB
—/25
IPv4 only
URLHAUS
0/10
NOT LISTED
General Information
| Hash | b1d1a2c64474d2f6e7a5db71ccbafa31 |
| File Type | FileHash-MD5 |
AlienVault OTX Analysis
↗ View on OTX
4
PULSE HITS
| Pulse Hits | 4 |
| Indicator Type | MD5 |
| Threat Level |
ASSOCIATED PULSES
| PULSE NAME | DATE |
|---|---|
| 2018-02-20 | |
| 2023-12-06 | |
| 2023-04-28 | |
| 2022-01-22 |
VirusTotal Analysis
↗ View on VirusTotal
59/76
DETECTIONS
MALICIOUS
| Malicious | 59 |
| Suspicious | 0 |
| Harmless | 0 |
| Undetected | 13 |
| Reputation | -5 |
| File Name | user.dat |
| File Type | Win32 DLL |
| File Size | 69.0 KB |
TOP DETECTIONS
| VENDOR | RESULT |
|---|---|
| ALYac | Trojan.Sofacy.gen |
| APEX | Malicious |
| AVG | Win32:Malware-gen |
| AhnLab-V3 | Trojan/Win32.Sofacy.C2054710 |
| Alibaba | Trojan:Win32/Sofacy.97347375 |
| Antiy-AVL | Trojan/Win32.APT28 |
| Arcabit | Trojan.Babar.D18431 |
| Avast | Win32:Malware-gen |
| Avira | HEUR/AGEN.1374017 |
| BitDefender | Gen:Variant.Babar.99377 |
URLhaus (abuse.ch)
↗ View on URLhaus
✓ NOT LISTED
No malicious activity found in URLhaus database.