################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2026-01-10 19:47:00 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-01-10 19:47:00", "1700654", "acff79166ef231e892ecee81588aff62f756c443d4da85f2ad2f6bdea1c705e3", "sha256_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:59", "1700651", "6a8a3c40f1dc1ceb671671b69b725c7ef9cd68312e141b32577bfb30abf21142", "sha256_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:58", "1700648", "88ca13a1879faebc5bbe2e0a09b2055491ef251b4466d0258dcadd2ab06b7d16", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:57", "1700645", "99f6808d5523f4e31dcf70c458993d848161c06cb9b93411e6b3e5b101ac25a4", "sha256_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:56", "1700642", "bf0eac1fb87c1fa48704d4afc41a24cf6aa0b16b9f0bbdb3083582cadf405909", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:55", "1700639", "95b9cfba9339553903e7bec515a05851b75bb601b06169cb5d11b1f1b8005d84", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:54", "1700636", "b1a5fbabd5b4513f2adf199e2224c70ec4bb2e5c6e8e3fb794ac079ac1d9256d", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:53", "1700633", "518d6457e2d3e20e470f20b6399ce0f0ff5091dc6d2a0826d658247832ff4a8c", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:52", "1700630", "4b039ac3ee6b30539f449eabd4d8a59d834067719aee95ba8b3b3b0d03a0f601", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:51", "1700627", "5fedfef844dedbe142eddea554560d3701207040bcbda3685d23319b973ac64a", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:50", "1700624", "09a8ffc1121140f4f6969630e2ada1f9f3766917260871f8d0437c16557d9e86", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:49", "1700621", "ae985f2f57f117563f8ada4cc0ef2bc3ff6a86c213ebd46448739201fce2b21d", "sha256_hash", "payload", "win.diceloader", "Lizar", "DICELOADER", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:48", "1700618", "96ae2a820c2f9c200c8555d95af7673db00e5588f0e90c31a15cfe080ef1c1d2", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:48", "1700615", "74a8104dc97f3709ba4176bff6f79b57056ed371a57cbd9337ed9fa61bb64ec4", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:47", "1700612", "d3ba5979576b8b3e0b632e594857666b6fb2ace400f95ebae9efc980e13ddb09", "sha256_hash", "payload", "win.bbsrat", "None", "BBSRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:46", "1700609", "b44f296a861626f75ba90e2f0e0e48ec6b767e6191c331b97d4e1520729d43ae", "sha256_hash", "payload", "win.bbsrat", "None", "BBSRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:45", "1700606", "741662f285aec6ba7878c4b98b909eae44a94dca60d7dbe9f1479852d11925c8", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:44", "1700603", "cc58a2f6c8b64dc4bb15bfa34a569a533810c62877a731d6467d8b79e56b16bc", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:43", "1700600", "d54aadb94ec45cb58dc77c78fdd71eadbd2b6d519daa75e9490ec9f518f215ad", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:42", "1700597", "773217426160251a58bb5b8a64d6d05d9a5d1222337ef84da577abc136dc0316", "sha256_hash", "payload", "win.gogoogle", "BossiTossi", "GoGoogle", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:41", "1700594", "5c69e42ab544d80e631e61ecaaa43b40c87605a35d0c4c244d74f039422a2ea3", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:40", "1700591", "3b1d0ef0a4fe23fd6d7fc4c8813f7a79b3de5260b74d58fdc2cadaf91b5a3f36", "sha256_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:39", "1700588", "9c4f762adf072890b06f2fc8e79bae3a34fe854aadee7269448e6cce07bc360e", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:39", "1700585", "e552d929596b77dcb6b57256cc913cf43d4bd4b133da81c6dfc9d25af5f455fe", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:38", "1700582", "b77f42af2af063c0df3b3cb75e510987ab391ce96783d23ca121f03f1cd9dac6", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:37", "1700579", "726479e2a641884f4b5d20fa28dad3429475970c33a7f6c7e4b8fcdaa19e1ca8", "sha256_hash", "payload", "win.bbsrat", "None", "BBSRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:36", "1700576", "9665aef3579856fe0781f524065283184697b247bd8abedb5229388b8e713edd", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:35", "1700573", "93811c41f2b147d86062699c865db6e86069e06600a74508c9eaf28cc8176b9d", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:34", "1700570", "656dc476f78988a037f255d34815db95f0f3b909e87960328c640f7661aced75", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:33", "1700567", "bb8fd83e2f634b131c9d2f68b6e1296725cf020dc8e26d6fa46d2fe3d4b2e649", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:32", "1700564", "e5bffd1dee2cab5893d916605ae2eb05b69610dfd424acc65fb6055c38ddb41e", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:31", "1700561", "44e7805af68d6e43a8fbb325f7d73cf3a586f4406c0d0c0c9f6b0cb4af8e818e", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:30", "1700558", "01403c9f0d54d5a08861a944328f799e3c441785c979118f708d23276cca4367", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:30", "1700555", "e9abda44b9d471c986e36204d64f5c9558010f3da6426a050a16bc27a3a95049", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:29", "1700552", "dcf93414b0b484552594de493651c303a85f79044d81d05471a8a80496ade5bd", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:28", "1700549", "24f69f0549f0f24862cdf87d569fd5c488cebee247d962d5313ed938b84b337c", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:27", "1700546", "9e3fb222afd79c0ac0ec54fa97acb7dfb13b14330faee6e70d9c28d6011eda5f", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:26", "1700543", "c36ce3c163b3ee35c18019151f796cd44594984a328e3042c3fe4405b8a47a96", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:25", "1700540", "7fef166e56cc1f073cc49d7494363dcffdf54b1123252a4b78b353b5426e3d43", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:24", "1700537", "c13a47eaa2c8e0342d2438e56fb8f668b72d7e12ce0e17b51076ad8d3c64f998", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:23", "1700534", "e450b7efc8b429b618d2d22a074a3dd55c07b451eef315e0e20be7d9054ef18c", "sha256_hash", "payload", "win.collectorgoomba", "Collector Stealer", "CollectorGoomba", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:22", "1700531", "6b12a7c293a778126b4084359045c53a3d6a1e7de1fd4b6978a2cb4b91f804b9", "sha256_hash", "payload", "win.collectorgoomba", "Collector Stealer", "CollectorGoomba", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:21", "1700528", "43e91f2ff0f90919f77aaa7d21a77a93b6e413df8a4e8c818e7d215f800e5d13", "sha256_hash", "payload", "win.collectorgoomba", "Collector Stealer", "CollectorGoomba", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:20", "1700525", "8bacb2082eb37fd7aed5bb6a7fc766d9937d9f3ed926ae82420d37af754a216c", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:19", "1700522", "3cea9865c8b39b99780d82cf511729b42f70a7964189b1631ef2229df9b2b311", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:18", "1700519", "e987298796ba6f43621430775536a346473dd2fdfaf5a99116132df7f8f96f13", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:17", "1700516", "19e90ba9c47ff9422ffd1e1e6b3b53d4c39c9a4809e0de50de8202bb5b3b4cb7", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:16", "1700513", "2e767f4161775ff2ce50d95afbc7997ef6dc25d96d17b203ad778e0db3f81c5a", "sha256_hash", "payload", "win.poscardstealer", "None", "poscardstealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:16", "1700510", "f0bed15538e01b50c19ae3e088d47786654370a1878ee9326ca5f5950ef9bc46", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:14", "1700507", "91781da6c1db66ebd379e2008b897729ef011d064770a50d3acdaf01f2e95850", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:13", "1700504", "8efb10bafc3b2f12d043d60d4c9009ebcde06f7388d8cd8042271bfa2da4b9da", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:12", "1700501", "83f96ebb903ce23ef34f3ad69ae98686d69153b3ca58baa197d728d63a14fc27", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:11", "1700498", "ce30b2981bacd26701ad92983078e8b9c168b6400e2a89f36aa0ddab3ddb2770", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:11", "1700495", "47ef28076d5a9c148b2236a13314d02bcff35953c3ad80344ba5dbac85fffc11", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:10", "1700492", "9779b73c7453799dd09006fcf45411135ab6e87e53a33399e59353253a39b1f9", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:09", "1700489", "84c57dde048ad0f1bd21e753fecf2dfe6d8cfc4b5a6baf85a0c99b3fd5cfb68a", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:08", "1700486", "1bb67190c60bb694a3b056d4129737b0511dadd94206ec9dfd5976441c1ed839", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:07", "1700483", "719f762fbc61df4c651dd30e07831c5aee2c7a8b8dac7dbb2ad61d040eeaa79b", "sha256_hash", "payload", "win.arkei_stealer", "ArkeiStealer", "Arkei Stealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:06", "1700480", "2b3b4043787f3d2512c57e9d823e178b58140c8f1a7e2600b25eeaff15bf6005", "sha256_hash", "payload", "win.owlproxy", "None", "Owlproxy", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:05", "1700477", "d9b87f411bc9ddece377b50ce64c48fd644a18e2ce7fb76b1d34ee16bcb9e376", "sha256_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:04", "1700474", "1040d717c449a840c09180398611005c910abb273295451a39964b188cd28b34", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:02", "1700471", "2c754f61ca24586a1be7f1ca3276e04c07ada776569669040ca8953bb6eca620", "sha256_hash", "payload", "win.darkvision_rat", "None", "DarkVision RAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:01", "1700468", "b4abd1c57d5deab070c3d3dd4a8210ce666799a9fd8d72a4cdd62a7fe4a6c6e5", "sha256_hash", "payload", "win.njrat", "Bladabindi,Lime-Worm", "NjRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:46:00", "1700465", "6b679b3256fcd416e13d4af1192344761179dc9091840d638911b852defa5fa2", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:45:59", "1700462", "23a8454c420170d6111a59b49db323d750b6f7d89f6ca41d7bf8fece045aa59d", "sha256_hash", "payload", "win.bbsrat", "None", "BBSRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:45:58", "1700459", "5d896a1e7acf19940db5d3dc02f125d84dddcdf8dfd344a87498d5fe157610a6", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:45:57", "1700456", "6e9ccfe6dd2cdec470365a1723dc467d00c2aff0f333568b1004375bdda49b81", "sha256_hash", "payload", "win.nimgrabber", "None", "NimGrabber", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:45:55", "1700453", "49d3deb1a576e06636623dd17621335880d560206658326f60f99c715850e17e", "sha256_hash", "payload", "win.owlproxy", "None", "Owlproxy", "", "95", "False", "None", "None", "0", "Grim"
"2026-01-10 19:45:54", "1700450", "f72cb82b62fc929d3f9378fc266662ccbc660db1a34eebf755a3df7e5e62fc83", "sha256_hash", "payload", "win.dcrat", "DarkCrystal RAT", "DCRat", "", "95", "False", "None", "None", "0", "Grim"
# Number of entries: 69