################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2026-03-03 14:26:48 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","is_compromised","reference","tags","anonymous","reporter"
"2026-03-03 14:26:48", "1757482", "8406e19b242c41f5556732b329901830c70d46840daa2f499b19aea02bc42f58", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:26:41", "1757479", "2414141dd238daf74d27e7c3395bf35e506071d1dd948d0a5553123dd4f10a05", "sha256_hash", "payload", "win.moker", "None", "Moker", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:26:33", "1757476", "b75dc565e8102e579c1a6f8272280e9727347666f98f6d163c68d5a714131bbc", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:26:25", "1757473", "5f24edd66b3d3d956016c8172546e0186b0008bb16a338290a9e0aaf11fd3cff", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:26:17", "1757470", "a874812d5f6518587a09b679236e71a2555702fb99458400613626651dc83f3b", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:26:08", "1757467", "19566cf37f02560342499306c175fc85c5d8e95ed7d0b813410f51e4a99df995", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:59", "1757464", "ceceb10c620a2efe287eaa517bca67b770fcdafe22eea5459d91b2e010f70d5d", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:50", "1757461", "1b6bf7991b2126158de51b8a798da5d0d3b5f169a09cfb4b0f3a9a1d2efe9c63", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:42", "1757458", "414231a4345291e68fc64ea0b80f135666b9b75483ed31332370a3be3ea9af8b", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:34", "1757455", "458d34568f5d62807cbfc621729f831b9fa6bd9a7b076e43fca0a74b0bbf45f5", "sha256_hash", "payload", "win.salatstealer", "None", "SalatStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:26", "1757452", "0dd2c3aed88099df279f0f86ed2aea8cbd378ebebd553fde9760131ab157c34d", "sha256_hash", "payload", "win.coffee_loader", "None", "CoffeeLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:19", "1757449", "e23f8ba7bf289df08075b13c8957fa5d89583ed7d4e7cb52d14fe95b64143c2e", "sha256_hash", "payload", "win.mirai", "None", "Mirai", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:11", "1757446", "c671c87dce61b1596076ea91342f1a6f353913596154a9b3cb2a3d39e35bfd79", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:25:02", "1757443", "0f1425848b9b390461924a03c4c9bac804cf1f9694ea66469d3222b730a816b5", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:54", "1757440", "c76590bd3c27c485dac2c5fd4c3c2cbee803e2b963e6a272323a9f88cbfc773e", "sha256_hash", "payload", "win.mirai", "None", "Mirai", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:46", "1757437", "08f8a286b6cd9ab0291e3b0e5f5d2fdce22024acc167634de0ad83bcb47a5747", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:37", "1757434", "d0e6c07c094c482eed3ebe6441a1348db9668ef4f596e563ad2f1637bb5ed5fb", "sha256_hash", "payload", "win.metastealer", "None", "MetaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:28", "1757431", "b1e7e3f50e10a731bd145b6d6e1ee38641ce30a4a2c73e8b54582de5926b3059", "sha256_hash", "payload", "win.metastealer", "None", "MetaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:20", "1757428", "5ad5865b4fbfd641322ad9a81feef73dd5595c1a2581ddc597e2e59ef39264ff", "sha256_hash", "payload", "win.meterpreter", "None", "Meterpreter", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:12", "1757424", "4b41f36f82db6da8767a0a1c2997c8242d80b2d10a8f1d28c252a9306ec152b5", "sha256_hash", "payload", "win.golroted", "None", "Golroted", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:24:03", "1757421", "6a794a8e3184d505573cc23c957b78b11a7eb89317ae2a82bbaa1195c310da0e", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:56", "1757418", "e8ff2c7daf775a23680e2caba0dccb8d71a280c54dfaeae9b3d2a1318dc1bf92", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:47", "1757414", "bd47fee1efdfbff5fdeb571e8a93463dec3123e57d2b4ea7879158923c9c33d4", "sha256_hash", "payload", "win.quantloader", "None", "QuantLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:39", "1757411", "5956f2eb705589549010d0bc2061369363791018e312eea2bdf2d5ef905d153e", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:30", "1757408", "b6e57d8a08b0c90588072b0dc4d153f393a3587e6e5e1b38a6c025bb4c7c9d92", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:22", "1757405", "19b794bd2efbdfb13afb138d45d3040d5aed52e0a2a951e6bbc3395517ae1802", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:14", "1757402", "f00611d70e13c43db0abf6af56c3c4a05979820907d5dae11a2bbcf32cd38fb0", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:23:05", "1757399", "800d862ec650c0a31e564883c0235894f1846ea2cce7f8f70788ecf4fe7b09aa", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:57", "1757396", "8f1fd5f8e2d73c1fe9aea345a4a3653e766fbdff31172e08fb7c06d4abfce07b", "sha256_hash", "payload", "win.quasar_rat", "CinaRAT,QuasarRAT,Yggdrasil", "Quasar RAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:49", "1757393", "59793e1235186b86147e8b28a1044362f028df7b6fe0ef5d3aca2a3042a71cfd", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:41", "1757390", "d1335a524df21481dc23bdfbb6827f21854d2aa9c17cfc4555c57cc0135113df", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:32", "1757386", "fe67b6ec00f704040dc54a7f66a1aeaa4aa6cdf190a5d073b3ba27240a2f27cf", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:22", "1757383", "1eb45380386099c5554002969542a7f8738dbee7a65910e6686b8133a8c17e01", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:13", "1757380", "b6fda8d53d0c5d1a306ff410785e991980389f28c6716190f03f99d868928c5a", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:22:04", "1757377", "a0148beac0f18eed5beb051824a1a7ec307ba13be44f4808dfc1c15e628452ab", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:55", "1757374", "f9af61b4bf86ac7a59397308acac4252efec71dabd9a9e1fedf0ac6c1c473a9f", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:47", "1757371", "13047daa89a40fc8aac030d5e6f3ef326682719633ff996908f382934ae3fb96", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:39", "1757368", "5921b72b0b87c50ff2058c28b504276e1b0086a75d2bbd82d2ddf7f0e55457be", "sha256_hash", "payload", "win.terra_stealer", "StealerOne,SONE,Taurus Loader Stealer Module", "TerraStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:29", "1757365", "fde23c39738f7c241bfa877dd0623e2468388b51accb030876267ad2b8b81637", "sha256_hash", "payload", "win.strelastealer", "None", "StrelaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:20", "1757362", "deb4f380d5161558f6346b3454bc6940e448d42331c18d5897e5b584c541ea01", "sha256_hash", "payload", "win.metastealer", "None", "MetaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:21:10", "1757359", "6545b109e575cc3a60d80e7155a4a5f70d770adbe96965cb7e42a2d62ca83043", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:58", "1757356", "6a3a4b0552cc98c9e45f85eecee968c0108535b52ec0f8c5f835e7e0322c66f9", "sha256_hash", "payload", "win.metastealer", "None", "MetaStealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:48", "1757353", "ac16b746beb8102fa45b69901a5f88d5c4289da12428c4e2fb421bc6418c45bf", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:38", "1757350", "cf79cfa83d7705b103b3baaa675cc56127e9a5a9f70684f42831886992901509", "sha256_hash", "payload", "win.smokeloader", "Dofoil,Sharik,Smoke,Smoke Loader", "SmokeLoader", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:30", "1757347", "164db72af466485d17cabd5b5dee001995e1f9a0ac9e572d8ac80e65fd0985bf", "sha256_hash", "payload", "win.vidar", "None", "Vidar", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:21", "1757344", "1e301925942e4bd6ea46f7d62167177d6b0ab958feb620cb59ab17954867f4d6", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:12", "1757341", "a2d004f78528c839119532cff09cf6f777baea9b1680d69eeb82d6a7700690db", "sha256_hash", "payload", "win.nanocore", "Nancrat,NanoCore", "Nanocore RAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:20:01", "1757338", "2f0c2610f4d617f8a29d0538de4d6792a439fafad8476fada0df369f56d5f5c9", "sha256_hash", "payload", "win.valley_rat", "Winos", "ValleyRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:53", "1757335", "0a49ae686b7a7d0153f290bd5d125d354e7aca15e095b049f7107a23e53137e0", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:46", "1757332", "2a045bbc471a99cecdc8ab5d7a7697455bc722a13b9cc3526c723744dd510811", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:39", "1757329", "15682e3a3efaf41969596294ceb1686d4b4a1e49c0617ddcfcb95f58de0c0336", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:32", "1757326", "a3afbb6771a771ea61ccb77d4618f1003071a9b337bbfdfeaad46a0a3d6ce58a", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:25", "1757323", "77fb832052abc29f8392e50a83571fda0a9a44fc14c485bc9ae58b37ca51b00e", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:18", "1757320", "b47f2b7b70affce64de8f66fd1f2ee162969f6022b083be1060f55f3808c0b05", "sha256_hash", "payload", "win.ismagent", "None", "ISMAgent", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:10", "1757317", "26e8b9f0f7b345449b4b5cf8bf5b3237a2a78e3559ca28ab6a3fe623a83dd076", "sha256_hash", "payload", "win.asyncrat", "None", "AsyncRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:19:02", "1757314", "80cc2e05768818efd119066e5581ed339c89096bcbb8afca541583deddb3152e", "sha256_hash", "payload", "win.newpass", "None", "NewPass", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:55", "1757311", "600433eb22bb7e5a33c190688063dd9417d6b45cdd8e7e3ba93c9d37ce7b0946", "sha256_hash", "payload", "win.systembc", "Coroxy,DroxiDat", "SystemBC", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:47", "1757308", "b4807ac87af8589488b6ef92c54827bca32ebc0df56adb66355b235bc67d4a55", "sha256_hash", "payload", "win.reverse_rat", "None", "ReverseRAT", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:40", "1757305", "27a5b90f604f0a1bd24b163771ce1d0bc87a6c72f939e57e42520d17e4263838", "sha256_hash", "payload", "win.mercurialgrabber", "None", "MercurialGrabber", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:33", "1757302", "8665c6898b572b340bb1f7dc251a54880c4072f360cb2320910d66e5bb8f9abe", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:25", "1757299", "ab8a2dea295d6d377736c9c1ad3a56f04025e8328e5dead19ccdf180fa20d5e9", "sha256_hash", "payload", "win.neconyd", "None", "Neconyd", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:18", "1757296", "40b25e0433d882b8e6027565717fceebf73111b0c5aa22b6f8e90b15e516cbc8", "sha256_hash", "payload", "win.snojan", "None", "Snojan", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 14:18:09", "1757293", "dca40a0120ea176aa65b99c90d171761cb8bf696be4be026941f7f54e3c21635", "sha256_hash", "payload", "win.guidloader", "None", "GUIDLOADER", "", "95", "False", "None", "None", "0", "Grim"
"2026-03-03 13:45:58", "1757268", "ee401ae9de8a50f3f0eab4810e49a1db94067f436daaeb9fe75e6de826ee7338", "sha256_hash", "payload", "unknown_stealer", "None", "Unknown Stealer", "", "100", "False", "", "None", "0", "_mszustak_"
# Number of entries: 64