################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2026-03-26 06:49:42 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-03-26 06:49:42", "1776380", "b2204e8635b84670d8f18932db005dece6c5846e5cb012cf40888727bbe678c8", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "None", "ai-lure,heavens-gate,reflective-loader,shellcode", "0", "Lenard"
"2026-03-26 06:49:42", "1776381", "737a630bff6234403fe00d74991338a2f730632766cd29477f0d4ad763c22efd", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "50", "False", "None", "afd-sockets,ai-lure,heavens-gate,reflective-loader,sni-spoofing", "0", "Lenard"
"2026-03-25 15:05:28", "1775540", "e53736526fb8de60e18bea982a3656c654720edb7edeab2a48045c8117f3369d", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "75", "False", "https://x.com/malwrhunterteam/status/2036410316553085114", "AI-lure,claude.hta,HTA", "0", "Lenard"
"2026-03-25 15:05:28", "1775541", "f7966c111c9efd3c51dc32a4c173b244de78ea4bdf7bc9ff6babc9ec6363c512", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "75", "False", "https://x.com/malwrhunterteam/status/2036410316553085114", "HTA,manus,MP3,polyglot", "0", "Lenard"
"2026-03-25 15:05:27", "1775542", "e9fb5839785a9a7edeac01b133c1e6870565caa21de23d3cf9353ffb7b9244c6", "sha256_hash", "payload", "unknown_loader", "None", "Unknown Loader", "", "75", "False", "https://x.com/malwrhunterteam/status/2036410316553085114", "obfuscated,PowerShell,stage3", "0", "Lenard"
"2026-03-25 06:41:25", "1775103", "f360d1285dafeecee7017cf50a531623e2526145331614fc010d2f361e34a83a", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "100", "False", "None", "ClickFix,loader,steganography,Vidar", "0", "Lenard"
"2026-03-25 06:41:25", "1775104", "3458048c42c12cafbf778d3bec34a692b151862af456012b7e01cc50ec1a2097", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "100", "False", "None", "ClickFix,stealer,Vidar", "0", "Lenard"
"2026-03-24 19:58:07", "1775026", "889e73e46d757542ddcd03300909b596cba48c149f97e28adeef916ee917dc16", "sha256_hash", "payload", "win.rugmi", "Penguish", "Rugmi", "", "100", "False", "None", "ClickFix,DLL-sideloading,InstallShield,MSI", "0", "Lenard"
"2026-03-24 19:58:07", "1775027", "ca63d44dddc1d7bf2c118bca8b874b3fc06d7e71ba7eba2af6b34e072b9af128", "sha256_hash", "payload", "win.rugmi", "Penguish", "Rugmi", "", "100", "False", "None", "ClickFix,PowerShell", "0", "Lenard"
"2026-03-24 19:58:07", "1775028", "a5ed5fd044e5a8443f3af3a5e33226920d5b4d72e832a5ed83a51b7e9efa8e0d", "sha256_hash", "payload", "win.rugmi", "Penguish", "Rugmi", "", "100", "False", "None", "anti-sandbox,DLL-sideloading,Rugmi,trojanized", "0", "Lenard"
# Number of entries: 10