################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2025-12-12 06:34:03 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-12-12 06:34:03", "1675863", "de5fcb3128ab96a7c5e45d93ed01498102aacde90552b9bffc581fa94d5c8e6a", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "100", "https://github.com/gololobovevgenij4-byte/Silent-Crypto-Miner-modded-build-Sample", "dugganusa,github", "0", "duggusa"
"2025-12-12 06:34:02", "1675862", "ca49f69a007de870c0ae4c9cabaa4707ad73c9735d643c7bfcdc2a4cf2ba9765", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://github.com/gololobovevgenij4-byte/quasar-modded-malware-sample", "dugganusa,github", "0", "duggusa"
"2025-12-12 06:34:02", "1675861", "22804099ed114502613561e19c39b08d85532366de6aa7dc7b648da51d4a7515", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "100", "https://github.com/gololobovevgenij4-byte/test", "dugganusa,github,pulsar,quasar,rat", "0", "duggusa"
"2025-12-11 15:17:11", "1675823", "a994f6712f32b1a1dbccb54c7ca9f79ac7d0f89cde34348a77b9817e8fcdd8fe", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:10", "1675820", "0cf0547fecacede8b964cf7e05f176ef20558e877dfe01234362ff5ccb900542", "sha256_hash", "payload", "win.masad_stealer", "None", "Masad Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:09", "1675817", "8f85357f6ffa9ed4190aecc8d75270df936ec412f578bf265e1c655975b63578", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:08", "1675814", "2f416aac027f19f563cc45e3b4b72e992aaafb63da27f968b9a76a391134dc7d", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:06", "1675811", "b4f42e2d8be3ccd05179f4ed0f21019da4f47b87cee2d08f0acd1e90429a376c", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:05", "1675808", "10cfbba309590b580be85155fa455626657af18849f672ae36762c6f6e29b658", "sha256_hash", "payload", "win.redenergy_stealer", "None", "RedEnergy Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:04", "1675805", "fc50247f58d72afba698b57caf317197faf277250c68a97297e03a8558bc32b5", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:02", "1675802", "b0383b31ab663412a3a50e9a19032942a4819320055577f583b0831760a8cf12", "sha256_hash", "payload", "win.supper", "SocksShell,ZAPCAT", "Supper", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:01", "1675799", "5b959934fb0324eede51db8ac523db1a9345f763880e9c1c8a1c41d21a2e8236", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:17:00", "1675796", "9d896e56913f4f9acf566032bd3b725d65a4bed226221fd8ccc64e158d263266", "sha256_hash", "payload", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:59", "1675793", "41444279183b21fcae701c4f80fb5051afd34a44bc9ea24782def1fe3e67f0f6", "sha256_hash", "payload", "win.purpleink", "None", "purpleink", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:58", "1675790", "a9f7f1273ddfc19d2aa0fa93caff67e9210b12b12ee655d14465a7c5137b0d67", "sha256_hash", "payload", "win.moker", "None", "Moker", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:57", "1675787", "3ce350faa20a3988e79bf9e469b8daa899d4c8f14d3f39efc29ac3b4163b00f6", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:56", "1675784", "dc6e46aac9aa53de80ae8b7bd7b53cb85f12b766ac8fffda5dbf9c9941b19f00", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:55", "1675781", "c55cc3475b3d17bd08deb99faeac09bed2ea099145ad984c4b7b71e6e27b14eb", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:54", "1675778", "1bcdc03a0711b797eff150f7397190301b97c90224128cce41c01023eccc6533", "sha256_hash", "payload", "win.resolver_rat", "PureHVNC,ResolverRAT", "PureRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:53", "1675775", "fedbb15c2b202106c4526b01299a1fe6922b0af8773e7ddd8202e2c99c5e44d3", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:51", "1675772", "8057668808e5529f8deabb384d51f5b914b1a2516dd1b03f6b1a3b99748fb808", "sha256_hash", "payload", "win.acr_stealer", "None", "ACR Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:50", "1675769", "2d7a335c537345eca422f36ec34ab4a604748966dce388e522d0427d24cc0e8e", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:49", "1675766", "3fd361b04c435012af66e38eaac7dc279525fe9df3065214d7604845f4087714", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:48", "1675763", "5cbd21fc9ade9e22c472a5ce0c620a5d89053342e13f046ab8be9fff149ae0f8", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:47", "1675760", "9384721425cfbbd46be99dd3190b5d5e09e6817dcb811ea526389182ceef5881", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:46", "1675757", "fa265a7c24244f3583859da8445288c8c6c913b53922d342983147df6e9becca", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:45", "1675754", "3677cb257e0a44363a98879ab3570f48114f35cc10e340a861aae098dac34df3", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:44", "1675751", "11f392975699cfc7bae3ec4a5cae53d0a16f182038416728b24813d0e78cf3bc", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:43", "1675748", "383ed6c9cdf8590845730198dfde66cd799ec047ca8850cb5ecdfed293fa287c", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:41", "1675745", "7107a5aff83a129d0a58e09a5338be703a9ded881cd7d750cbccb2e255898a34", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:40", "1675742", "d309712d8d5fd6ead0801faa17df6b388e4a2dcd29db2e1ad6addcdfd6321439", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:39", "1675739", "a67109836839f25002d6a6e56666d6f94f7aafbd9a57c344b03b7ce55c69a32e", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:38", "1675736", "d78a33016cd68b836958bd19ae5651afdd1df61a9765b62161f6e3ad9423be3a", "sha256_hash", "payload", "win.gogoogle", "BossiTossi", "GoGoogle", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:37", "1675733", "15c6cae1e39e87915ec208a115b4191327057028546e2727351edad63ba41f59", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:36", "1675730", "e76b4f6b4666de9d6306d46321fc517fabfaf33db0383caece052170a3d90d05", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:35", "1675727", "5da36b89427b237eaf57d03e7f9a4bbcf3fb34f60efcca9dabf8c20bcf7633e9", "sha256_hash", "payload", "win.qtbot", "qtproject", "QtBot", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:34", "1675724", "8bee6e2f31a9dba9d1005f17f87ecdc3d6cdf7ce1fe11d4c7db66e03ae7ee8bf", "sha256_hash", "payload", "win.qtbot", "qtproject", "QtBot", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:33", "1675718", "6f561ab384d65db9ee11a49b2f9d0a1e6758f9d0c6082f1e65821f6984fa2c71", "sha256_hash", "payload", "win.xred", "None", "XRed", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:33", "1675721", "901fca1aa7efabcfbb8d5dda152f632e46bb3b86259163956a3257480ade7f15", "sha256_hash", "payload", "win.owlproxy", "None", "Owlproxy", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:32", "1675715", "b61ee518ba44e1fdc1689a56a8d765f10af2f9ddece7da07f8765ddd8ca41673", "sha256_hash", "payload", "win.ryuk_stealer", "Sidoh", "Ryuk Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:30", "1675712", "e4e09416c63536c975a88d1a43281948b69d52e7cb56febf15df23b9dd2fa7a1", "sha256_hash", "payload", "win.troystealer", "None", "troystealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:29", "1675709", "5a2b8ec78903b0cda31dbf7a145db8eda647c89069af1990b322b63bc0ddd2a7", "sha256_hash", "payload", "win.owlproxy", "None", "Owlproxy", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:28", "1675706", "a84c53037ecf5ba9db3d05ed58d835a960973dfba8946c94e9bfa6838ee12a4b", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:27", "1675703", "d627f177d39d3c3a8b07c5ae4f84669155639b8db74c763d11b9e6ed141fa358", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:26", "1675700", "572b8f1aac5ffa9c0bbe38272cb166162ee731dec742e06be8c371b033f380f2", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:25", "1675697", "0df4f9f8972f4fac1b7f355c9d3beeb0b00733a5dd72c66535886f0228c9912e", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:24", "1675694", "32f92e03997d4aae7109dcf0473079a07531087f3d7be62dc9e283e7da3089a6", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:23", "1675691", "8943c75d3f974d35e552c914bc64df0bbce1eabab18b0ffda945665e7ba37691", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:22", "1675688", "295cadd97ce5703753e88626dbb01faaf10e46f5b0bb91bd9ff16c7c1de6aeb1", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:21", "1675685", "283447a47c7a5e90bdf94f7fe4ca0710bbc238d471509d17f56e584b1458d63e", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:20", "1675682", "90ee1e7a6193aa7c62de6fd466fc0ca1fe7b8aaec67fa98e96183079222593f4", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:19", "1675679", "6d2ce895a41a7611bc8698f865c47b3b19b15369da5883f444e2b1041cc8d136", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:18", "1675676", "4df083e9984ccbd83dd3fc289c54dae2d029ecc13ec852e842fd1ec7ee6936e5", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:17", "1675673", "b01ba99f217350cfcb21729e679d85c16ec72c00597278afe645d526070eb14e", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:16", "1675670", "d790958515a8f5f4f116c06154f49a385e942d4ece9f98217a64bbe77834efb6", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:15", "1675667", "b4e27780b02fa1244ec4a9ee9b5dd44c82e034068b2376d08553376a5ae2befb", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:14", "1675664", "2ca2e39c70b768865c30b1f8f7430a262872247c55f10bdddc91f0af179322a1", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:13", "1675661", "76b3ee9cca86112904365e8c1a452918c640077a85f03510c0ccbb08e7df5c5f", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:12", "1675658", "e1a90f94eb11455c951e86b9e8c5a2f90721382ca0b984e39a9ed2cfb10d4c15", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:11", "1675655", "93ae4fe5e63dd384553a3ef680a20232b362565d5940181d729ab9b8c11ced20", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:10", "1675652", "97fa44657b45691842fa643071d3eab44106539ef59ddf476f2ab896f84181d4", "sha256_hash", "payload", "win.socks5_systemz", "None", "Socks5 Systemz", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:09", "1675649", "aaa8bf0cd32ebc28b46c337e6d91a4202434f7bdbeb1ddb7c8bb84e2d69f3ddd", "sha256_hash", "payload", "win.masslogger", "None", "MASS Logger", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:08", "1675646", "9f269d664f5824eb7a79ea03fe887f895ec920df8d6e2013777933f2b0987ed1", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:07", "1675643", "cc3ee9cfdf857bce253c6ed7401d0c029ad2c29d4feda2f795cfc81a37a8e07f", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:06", "1675640", "2416af1b85a2c0a3fcbb58cf41a50b1e2777701502c6fab1e0ea0dad425af8aa", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:05", "1675637", "32e3b7e38eb96cae0a3852507eff383a3484faaa23ba70e4d80b3539389b8241", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:04", "1675634", "9d15c93c897e46b58d5dc532b7520e235e83b24a16c315f5e7e198f27926f97d", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:02", "1675631", "6b08010bf6a5148ea64abdea3edfac0ed11a27137def1f8f6e6c7a996870a8e8", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:16:00", "1675628", "52c174db8fe85141cf1b7e4ed6b4b20ad0ea37bca75887306257efbe1dcb9820", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:59", "1675625", "396cd5ce66d77773dc436035469fac4ee50c680c82e085fe1b41b0e09f7a66c8", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:57", "1675622", "56f15e24bbc959df8c9be82dfe02ebfbcfc5b1f605643d5990f91b5b81d02e2c", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:56", "1675619", "01777810e2b9edaa543fb7be8a238a442cb070cc4838b5a1263ffba65d7e1845", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:55", "1675616", "11a8fcd56d53f0cf7d1569de4fa9fdd0dfdc9c573563be24461623c904a12dbc", "sha256_hash", "payload", "win.darktortilla", "None", "DarkTortilla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:53", "1675613", "ea5f5c5e914eb4d1d4edd98dcc80c8c9750e4111aa4f863400fbaafaf575ba6b", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:52", "1675610", "47d3c52c7da0bffb9711ae9b3278aa17b1264858e26b0d1d9418ea782c4c2573", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:51", "1675607", "2a084e79463e72c0933ec50e0b89aa2cdd5295584b6d6b211da98c5a3b4a8a8c", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-12-11 15:15:50", "1675604", "4c632e8ba569dc2f801bbe0f57d7fc0c658e9eeaf85939ef3720f31a15e8868e", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "None", "None", "0", "Grim"
# Number of entries: 77