################################################################
# ThreatFox IOCs: recent MD5 hashes - CSV format               #
# Last updated: 2025-12-08 02:53:30 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-12-08 02:53:30", "1670252", "158a92efcbd66aaa89a2a8c891b44522", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:29", "1670249", "e57f0bc4924dfc879e316db637f19147", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:29", "1670246", "b31b882d97d4028414b2e4b880065a21", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:28", "1670243", "379af136be94c87aed5965df0c0666c8", "md5_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:27", "1670240", "8ff8774e8417df329cb839e254995577", "md5_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:26", "1670237", "afb2da283f6f141108d505182363144f", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:25", "1670234", "4890acdc735d5ac8e9c547f3e83051db", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:24", "1670231", "24b0b98848fa287cd687c3a15befac4e", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:23", "1670228", "19cf3629e4bd11f43865448dc858f48e", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:22", "1670225", "394a532d3f9930f9e5ce6829a144a7a4", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:21", "1670222", "e8e2672fb39ea2d848ce08c9a12a1446", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:20", "1670219", "3ee81730605831e5a0e8daa813ab769d", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:20", "1670216", "f75acb993323f2ed4515faa4e0814662", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:19", "1670213", "8770f629d003faeb7c12aad29609a504", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:18", "1670210", "c2c041e66801a7384ca64ac26c546a14", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:17", "1670207", "5747ad5e21506c7dcfea3890b61d5762", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:16", "1670204", "d46aa12c03579e67390f41b88e3f4f7f", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:15", "1670201", "5985bab7950b69ac64abd036d2f35d7c", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:14", "1670198", "7f42ec81cff038c3fb0c7ecf6793faee", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:13", "1670195", "39b05a25bbb5096ce57e941b340ef75b", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:13", "1670192", "9586dc195c9ba76ad25139448d8a5fa2", "md5_hash", "payload", "win.htran", "HUC Packet Transmit Tool,lcx", "HTran", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:12", "1670189", "eea299da2fc4ef7abf9957196a99c569", "md5_hash", "payload", "win.htran", "HUC Packet Transmit Tool,lcx", "HTran", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:11", "1670186", "7dd6a5905353bce9b6b7b67fddf14b0d", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:10", "1670183", "4238b83c3542b6a13b86149d550c15ad", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:09", "1670180", "23aff7f212a069974b206b0b50fe6d7b", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:08", "1670177", "ab5da234fe64408217985fa9e25b5a4f", "md5_hash", "payload", "win.zstealer", "Z*Stealer", "ZStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:07", "1670174", "7560635d4e52608fc9e7a26900a592ab", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:06", "1670171", "5494553f6688833c25cddf506e35ca8c", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:05", "1670168", "40e2dbd555f80d3df18fc46547ad95b3", "md5_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:04", "1670165", "11bf0445497a41f6991c3b5cbdbe0d2c", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:04", "1670162", "fda3cbb7ca00beee2e96fa7120dc440e", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:03", "1670159", "12347ddd45e256778bd3382c5d6e6d09", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:02", "1670156", "b2cebdeae4012362652ab8b00cd39753", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:53:00", "1670153", "02ce49901dea7f64e8944b48eb9d9e04", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:59", "1670147", "d0afd781ce8872358047a5857f4dcb8a", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:59", "1670150", "3fda95b694d43ff94ccb68987261cdc7", "md5_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:58", "1670144", "02ed4ae4c851d46a77b1a02c25618048", "md5_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:57", "1670141", "d343df200b5c1942a1e58b4f26ffdfaf", "md5_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:56", "1670138", "7967156e138a66f3ee1bfce81836d8d0", "md5_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:55", "1670135", "2641f51bcd7547c588ef01bd4eb93a8e", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:54", "1670132", "79f486707b5da5ca4ef1dd99b1b5a9a0", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:53", "1670129", "8a4d24723a1afb9f87ca0902e83bdf47", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:52", "1670123", "0d161fe363fdcb75c6d99489573f3384", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:52", "1670126", "0491307c88b983c3537707a8add31329", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:51", "1670120", "bba156d3af1f02508a291fe866abccf6", "md5_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:50", "1670117", "5728c495e52e029c0ca0efac85d1902b", "md5_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:49", "1670114", "063ce49f625ed510229bdf401459c7f3", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:48", "1670111", "1c7a8a806668d6811027ffa23acd8ec6", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:47", "1670108", "84f9389fa2e5ace44a78c40085421c56", "md5_hash", "payload", "win.hijackloader", "DOILoader,GHOSTPULSE,IDAT Loader,SHADOWLADDER", "HijackLoader", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:46", "1670105", "3ba6c334dc55d3738acd2d66c8465fc2", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:45", "1670102", "251aef2998b8efc72e15b5213d368b12", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:44", "1670099", "0be5b92bd1e8acef055ef1f1de67aef5", "md5_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:43", "1670096", "604595d4c9e64dc8f06d5846194d99be", "md5_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:42", "1670093", "c6303e71a65f42c26067269fa26b8580", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:41", "1670090", "2f3ea5d9cab9ec48107f8d3806bbd966", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:40", "1670087", "1f186c07cdce08d76246584824a27b2a", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:39", "1670084", "0d69ea6a5e608bdb74260ee1e4d100e6", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:38", "1670081", "ef8ddfc89f244884e525cbc1c0c0fb6b", "md5_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:37", "1670078", "a5b2aff1e1cef7fcfa779144a95e2155", "md5_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:35", "1670075", "0ff05fe7afc2ffab2e2e3527e2a34918", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:34", "1670072", "bbbc19140a79c8a49102e9ec0d5c8826", "md5_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:33", "1670069", "99a30ae153774cabefa03e2f531f2d87", "md5_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:32", "1670066", "de5ded784a5662abc6e96cbae4b6ea6b", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:31", "1670063", "7ec9f649dab808c12620f5960efd9f1d", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:30", "1670060", "619b3d91c05f96053a329dd9c3d78141", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:29", "1670057", "c155b975aac837e098b6b35bf3fb926d", "md5_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:28", "1670054", "717a9267f1f4b00c0b8e44e9abca7fc0", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:27", "1670051", "81fa4bb844407b3cfdacd65902b7970d", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:24", "1670048", "cc4d99645fcda75fe95a5e6c59739da3", "md5_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:21", "1670045", "a8a13734712adfb8af30ca8219e4a655", "md5_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-08 02:52:15", "1670042", "8f23c142ec3a311dbed1983e7288d6fc", "md5_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "None", "None", "0", "Grim"
# Number of entries: 71