TF-1832449 high

Description

Indicator that identifies a malware sample (payload). IOC type: SHA256 hash of a malware sample (payload). Attributed malware: Unknown malware. Confidence: 100. First seen: 2026-06-15 19:40:18 UTC. Reporter: Colwilson. Tags: Downloader, iran, mois, MuddyWater, stagecomp.

• MalwareBazaar | Browse malware samples - abuse.ch
  web:bazaar.abuse.ch

  Using the form below, you can search for malware samples by a hash (MD5, SHA256 , SHA1), imphash, tlsh hash , ClamAV signature, tag or malware family. Browse Database

  2026-06-19 00:46 UTC
• Hash Reputation Checker — MD5/SHA-256 Malware Lookup
  web:cipherssecurity.com

  What it does When you encounter an unknown executable, the fastest triage step is hash reputation: compute its cryptographic fingerprint and check threat-intel feeds for prior submissions. Our checker queries MalwareBazaar (abuse.ch's curated malicious- sample database) and VirusTotal, returning the aggregated verdict plus per-source details.

  2026-06-19 00:46 UTC
• File Hash Checker - Malicious Hash Lookup (MD5/SHA-256)
  web:inventivehq.com

  File Hash Checker & Malware Hash Lookup Drag in a file to hash it locally (SHA-256/SHA-1, nothing uploaded), or paste MD5/SHA-1/SHA-256 hashes — single or in bulk — and check them against known malware with VirusTotal & MalwareBazaar deep-links.

  2026-06-19 00:46 UTC
• Malware Hashes - File Hash Intelligence Database | isMalicious
  web:ismalicious.com

  Database of known malware file hashes. MD5, SHA1, and SHA256 hashes with malware family classification. Updated daily from sandbox analysis and vendor feeds.

  2026-06-19 00:46 UTC
• Talos File Reputation Lookup || Cisco Talos Intelligence Group ...
  web:talosintelligence.com

  Use Talos' File Reputation lookup to find the reputation, file name, weighted reputation score, and detection information available for a given SHA256 .

  2026-06-19 00:46 UTC
• ThreatFox | Browse IOCs
  web:threatfox.abuse.ch

  Using the form below, you can search for malware samples by a hash (MD5, SHA256 , SHA1), imphash, tlsh hash , ClamAV signature, tag or malware family. Browse Database

  2026-06-19 00:46 UTC
• Free Automated Malware Analysis Service - powered by Falcon Sandbox
  web:www.hybrid-analysis.com

  This is a free malware analysis service for the community that detects and analyzes unknown threats using a unique Hybrid Analysis technology.

  2026-06-19 00:46 UTC
• MalShare
  web:www.malshare.com

  The MalShare Project is a community driven public malware repository that works to provide free access to malware samples and tooling to the infomation security community.

  2026-06-19 00:46 UTC
• VirusTotal - Home
  web:www.virustotal.com

  VirusTotal Assistant Bot offers a platform for users to interact with VirusTotal's threat intelligence suite and explore artifact-related information effectively.

  2026-06-19 00:46 UTC
• VirusTotal - Search - sha256
  web:www.virustotal.com

  VirusTotal provides tools for inspecting files, domains, IPs, and URLs to detect malware and other threats.

  2026-06-19 00:46 UTC

Indicators of Compromise (1)

Each indicator is enriched from the IOC database, threat-intel feed corroboration (Threat Hunt) and VirusTotal. Click one to expand.

References (3)

• External reference Threatfox IOCs/Threats
• Malpedia profile Threatfox IOCs/Threats
• ThreatFox IOC page Threatfox IOCs/Threats

  Indicator that identifies a malware sample (payload). IOC type: SHA256 hash of a malware sample (payload). Attributed malware: Unknown malware. Confidence: 100. First seen: 2026-06-15 17:22:54 UTC. Reporter: Colwilson. Tags: Downloader, iran, mois, MuddyWater, stagecomp.

Only Available for Registered Users. Sign in to view.