IOC LOOKUP
// SEARCH IP, DOMAIN, HASH, OR URL AGAINST OTX THREAT INTELLIGENCE
Indicator of Compromise Search
Bulk Lookup
✦ IPv4 Address ✦ Domain ✦ MD5/SHA1/SHA256 Hash ✦ URL
INDICATOR
c1edf6e3a271cf06030cc46cbd90074488c05564
SHA1 ⚠ 6 PULSE HITS
↓ CSV ↓ JSON
55
/100
HIGH
CONFIDENCE LEVEL
THREAT CONFIDENCE ANALYSIS
HIGH 55/100 confidence
Strong evidence of malicious activity across multiple sources. Prioritise investigation.
CLEAN LOW MED HIGH CRIT
0 25 50 75 100
OTX
20/30
6 pulses
VIRUSTOTAL
35/35
57/77 detected
ABUSEIPDB
/25
IPv4 only
URLHAUS
0/10
N/A
General Information
Hashc1edf6e3a271cf06030cc46cbd90074488c05564
File TypeFileHash-SHA1
AlienVault OTX Analysis ↗ View on OTX
6
PULSE HITS
Pulse Hits 6
Indicator Type SHA1
Threat Level
ASSOCIATED PULSES
PULSE NAMEDATE
Operation Woolen-GoldFish 2015-03-23
Rocket Kitten: A campaign with 9 lives 2015-11-09
“Broken Seal” DocuSign-themed Delivery with Fileless Process Hollowing (Zeppelin/Bloat-A) 2026-02-13
Spam “Broken Seal” DocuSign-themed Delivery w/Fileless Process Hollowing (Zeppelin/Bloat-A) by msudosos 2026-03-22
Spam “Broken Seal” DocuSign-themed Delivery w/Fileless Process Hollowing (Zeppelin/Bloat-A) by msudosos 2026-03-22
VirusTotal Analysis ↗ View on VirusTotal
57/77
DETECTIONS
MALICIOUS
Malicious 57
Suspicious 0
Harmless 0
Undetected 15
Reputation -7
File Name c1edf6e3a271cf06030cc46cbd90074488c05564.codex
File Type Win32 EXE
File Size 284.0 KB
TOP DETECTIONS
VENDORRESULT
ALYac Gen:Variant.Midie.102878
APEX Malicious
AVG Win32:Evo-gen [Trj]
AhnLab-V3 Trojan/Win32.Injector.R138611
Alibaba Trojan:Win32/Woolerg.dc427cac
Antiy-AVL Trojan[APT]/Win32.APT35
Arcabit Trojan.Midie.D191DE
Avast Win32:Evo-gen [Trj]
BitDefender Gen:Variant.Midie.102878
Bkav W32.AIDetectMalware