MB-120d7c702c2224146f06b528abf1d793a6c86868bad5157549414d2fdc6be5e0 high

📛 Threat Title

Unknown: iran.i486

Category: Unknown
Published:
Source updated:
First seen:
Last updated:
Source: Abuse.ch

Description

File type: elf. Size: 88221 bytes. Tags: elf. Reporter: abuse_ch. First seen: 2026-06-13 15:10:06.

Remediations (10)

  • web:github.com

    Just as the Chinese President moved easily among rival countries such as Saudi Arabia and Iran, so his Egyptian counterpart seeks maximum room to maneuver in order to extricate Egypt from its current economic crisis and security instability.

  • web:itif.org

    In some cases, Iranian hackers have deployed zero-day exploits—previously unknown software vulnerabilities—to access sensitive networks undetected. Iran often pairs its cyber attacks with disinformation campaigns to sow panic and mistrust. They flood social media, websites, and alert systems with false claims to spread panic.

  • web:media.defense.gov

    Since October 2023, Iranian actors have used brute force, such as password spraying, and multi-factor authentication (MFA) 'push bombing' to compromise user accounts and obtain access to organizations. The actors frequently modified MFA registrations, enabling persistent access. The actors performed discovery on the compromised networks to obtain additional credentials and identify other ...

  • web:panorays.com

    Discover the difference between remediation and mitigation in risk management and how each strategy impacts security and resilience.

  • web:thrivenextgen.com

    2.1 The Iran Conflict: Strategic Cyber Implications The current military conflict involving Iran has fundamentally altered the cyber threat landscape across the Middle East and globally. Historically, Iranian military pressure has been directly coupled with escalated cyber operations — Iran's APT ecosystem functions as an instrument of state power, enabling asymmetric retaliation ...

  • web:urlhaus.abuse.ch

    Payload delivery The table below documents all payloads that URLhaus retrieved from this particular URL.

  • web:www.cisecurity.org

    Security leaders must give equal weight to the cyber dimension following U.S.-Israeli kinetic activity against Iran. Here's our recommendations.

  • web:www.fbi.gov

    The FBI further assesses these Iran-based cyber actors are associated with the Government of Iran (GOI) and—separate from the ransomware activity—conduct computer network exploitation activity ...

  • web:www.joesandbox.com

    Signatures: Antivirus / Scanner detection for submitted sample; Malicious sample detected (through community Yara rule); Multi AV Scanner detection for submitted file; Sample deletes itself; Detected TCP or UDP traffic on non-standard ports; Enumerates processes within the "proc" file system; Sample contains strings that are user agent strings indicative of HTTP manipulation; Tries to connect to HTTP ...

  • web:www.nsa.gov

    In a Cybersecurity Advisory released today, the FBI, the Cybersecurity and Infrastructure Security Agency (CISA), NSA, U.S. Cyber Command, the Department of Treasury and international partners reveal how Iranian cyber actors continue to exploit known vulnerabilities on unprotected networks to extort and ransom victims, including U.S. critical infrastructure organizations. In "Iranian Islamic ...

Indicators of Compromise (3)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal.

hash_sha256 120d7c702c2224146f06b528abf1d793a6c86868bad5157549414d2fdc6be5e0

IOC database

Type
hash_sha256
Value
120d7c702c2224146f06b528abf1d793a6c86868bad5157549414d2fdc6be5e0
First seen
Last seen
Attached to this threat
Appears in
1 threat
Description
Unknown


Threat Hunt — feed corroboration

Not present in any configured threat-intel feed.

Details From VirusTotal

No VirusTotal details cached for this IOC.

hash_sha1 cfff8e813adaffe55d882bcf2a527b10be3de9d5

IOC database

Type
hash_sha1
Value
cfff8e813adaffe55d882bcf2a527b10be3de9d5
First seen
Last seen
Attached to this threat
Appears in
1 threat


Threat Hunt — feed corroboration

Not present in any configured threat-intel feed.

Details From VirusTotal

No VirusTotal details cached for this IOC.

hash_md5 0e3d36461ff478008ded5109ff362466

IOC database

Type
hash_md5
Value
0e3d36461ff478008ded5109ff362466
First seen
Last seen
Attached to this threat
Appears in
1 threat


Threat Hunt — feed corroboration

Not present in any configured threat-intel feed.

Details From VirusTotal

No VirusTotal details cached for this IOC.

References (1)

  • MalwareBazaar sample page Abuse.ch

