################################################################
# ThreatFox IOCs: recent SHA256 hashes - CSV format            #
# Last updated: 2025-08-21 04:27:28 UTC                        #
#                                                              #
# Terms Of Use: https://threatfox.abuse.ch/faq/#tos            #
# For questions please contact threatfox [at] abuse.ch         #
################################################################
#
# "first_seen_utc","ioc_id","ioc_value","ioc_type","threat_type","fk_malware","malware_alias","malware_printable","last_seen_utc","confidence_level","reference","tags","anonymous","reporter"
"2025-08-21 04:27:28", "1571934", "f1b11dc83c398b1d7c606f7f5a181b8b76cd54dcce88bbec3fafb108bf04809c", "sha256_hash", "payload", "win.broomstick", "CLEANBOOST,CleanUp,CleanUpLoader,Oyster", "Broomstick", "", "100", "", "Oyster", "0", "hartescout"
"2025-08-20 16:16:58", "1571847", "cf6b4824a833d49dc750f8361db73916310543fc225211efc147eb8b58c5c5c6", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:55", "1571844", "6621b9465a5a1ca10921c22b8a6403027eccea0c29f5fb72e8923886b7a8ae1c", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:46", "1571841", "2f5561a0b8268a796b97b58d38421fd3d377e4b280825120f00fab3292e706b3", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:43", "1571838", "6aaa12302d88ebf9486d546f7c8c5ea0930ae6e5db2b70cbe0552dc3f57ee2e2", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:42", "1571835", "db435e2a44fee3053b98a0111e4dbd4e312a213e6a31cb909ead13733921e05b", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:41", "1571832", "f667c428b522dde24c5524da99fdf375e3fed0ca92977f0890eb72e21e2178fb", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:40", "1571829", "099250469c23007b02b117b43e6a1b29d24944eebb4c12b0cdc553556d414ca8", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:39", "1571826", "050f2713c672fef785c006ad7243e5ed913fa5a396cb2739f0ceaf1ddadadaa0", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:38", "1571823", "2d02606c43b8a9be066c030f5d47833058357b216790ab05f5399eafb433d83b", "sha256_hash", "payload", "win.agent_tesla", "AgenTesla,AgentTesla,Negasteal", "Agent Tesla", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:37", "1571820", "49a3e94b5f1a0199ac0929428e4779451a3533e93f469cb1d832d44c590fe8ff", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:36", "1571817", "2dcb95ebe5144f45e045bc0e92ec983ab0ead6e7ae72950ea178de51760cd06e", "sha256_hash", "payload", "win.remcos", "RemcosRAT,Remvio,Socmer", "Remcos", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:35", "1571814", "bd48a0e2b6038130537b279be3e89a7b7d41ee315a8b04c0d9af572d6c16a950", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:34", "1571811", "287eed2ee591a0bfac6b817ebb5e9da770014fc645d0d1e1ecc523e96b1bb7c5", "sha256_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:33", "1571808", "cba5a4c3813bbce1dfd6591d94bdd59e773c33d06d4a534da0b3cb527f0a9f7b", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:32", "1571805", "87e1e8c1e29eef773344a54e0d6b518406822840b50f2866ce9c2128b767b37d", "sha256_hash", "payload", "win.purpleink", "None", "purpleink", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:31", "1571802", "14e1e45700c823b5b6ee2d45bafb8a4c57a79cdd115199592894ed3b88b21fed", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:30", "1571799", "3560c6f9c634f01045b6d421270e3984dab8b43c7b9a5af2a4f87903028b21e1", "sha256_hash", "payload", "win.vipkeylogger", "None", "VIP Keylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:29", "1571796", "8cc4684d5b4c41db041acab6550e5d8d110175b4da2dbe79da04b62cd21b410a", "sha256_hash", "payload", "win.krakenkeylogger", "None", "KrakenKeylogger", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:27", "1571793", "0faf94a24b00a7dca3cb0e26b29b0c3f72f66e2f968d997ad45e74620efeb11b", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:25", "1571790", "48658b63dba7df9119b111b9d5d537f087162b7a8be03904dd6b76cfe39380df", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:23", "1571787", "994065e0f91b950d6b8b8d5cc42817f22506323206740c570fa1db33746c4de1", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:23", "1571784", "f244c0520231ec5a3fe6eff638cbbc80d778f4b33db88ab278634a7758e5c926", "sha256_hash", "payload", "win.havoc", "Havokiz", "Havoc", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:22", "1571781", "dcc9538effe19a635714006044a83e9ab84b0355d28c07d819c44e879207b363", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:21", "1571778", "af6376d7d5de38d0d7acf754db0d4c4f77ba49a48eb1cb4d240b16d3725d58dc", "sha256_hash", "payload", "win.formbook", "win.xloader", "Formbook", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:19", "1571775", "3c50eb2e3055d6cd28e128bf48ba711ff757089c0dee8b1bacd26f4470705174", "sha256_hash", "payload", "win.cobalt_strike", "Agentemis,BEACON,CobaltStrike,cobeacon", "Cobalt Strike", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:18", "1571772", "2c7de71de889aafad05239bce7583f33677e527b1b12f30c313351fb8844af17", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:17", "1571769", "1a3a2be484d8f6e4a3458ef3c259f13497fc5c10062458c6b2c4373005a3d7fe", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:14", "1571766", "353bb7ff551cc81d11dd41b3ac03084ab2ce72a86099a6010a9ac5d6a67cc5d0", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:13", "1571763", "4c0999fd58331d7b3f971f3bfe4351b500d086eac555b81a5e7c7c41cb3eae8b", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:11", "1571760", "a622496b016b530214c3e577193e9d6343bd81407bd75162055bf92734e86608", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:09", "1571757", "854c8a2bc48bced68b6c8d92fe3fadfc67df4f079af0a9714731c61bf3b684d6", "sha256_hash", "payload", "win.plugx", "Destroy RAT,Kaba,Korplug,Sogu,TIGERPLUG,RedDelta", "PlugX", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:07", "1571754", "bd3cd8bf7dfdc80604a6f4dbbee83b31b82ae5082a8f45aa525732264280ea4f", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:06", "1571751", "c1fcdbc77e5ab2ebfbf3bd0adc2d81bd64ed2dfdacccfea9783003cf950ac36b", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:05", "1571748", "e2c3e6311d29dfe4295934c27fcda900fefc80e8e0d211f95f879771c22f6c04", "sha256_hash", "payload", "win.coinminer", "None", "Coinminer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:04", "1571745", "314d0fbf925c53f52ff40ff6936824d8db25e4e0c23134aa572aa1828faacedc", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:03", "1571742", "2837c7974b43c5836e0d123c4a9f29a337f28d57019ac6d98a6c99b6d0683322", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:02", "1571739", "bfd62493f02254967099a6e6ab922c0fbf00363659a030dc303cede7d2709295", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:16:00", "1571736", "ba9dfea27d075639e627720e191c5f0dbfc689f8ed55213a4179b7b7bb4658d2", "sha256_hash", "payload", "win.amadey", "None", "Amadey", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:52", "1571733", "ae3b091dc9baa4497d5da784515c69539eeafd4d38bca1e42a3588fb8c56e47d", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:51", "1571730", "3bb5b7905d133153dadc408f2ed8075c6b3d11aa13ba52b3bd97704484655c3e", "sha256_hash", "payload", "win.xworm", "None", "XWorm", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:50", "1571727", "96024042d0dea1ab62db489fba07834dced65fe1e2d09b33ccdc41c388d11609", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:48", "1571724", "75ebdbe16e4e04a657bb1a54f48b6951d1b0a191e79f27d2dbdbf2a4afe929c3", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:47", "1571721", "04651b5ea2f5abd76dfffd4630d54ca23bf2a3c30f53e4ccc213f0f669b7e834", "sha256_hash", "payload", "win.gcleaner", "None", "GCleaner", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:46", "1571718", "e12ee7f81b36119f286b0aef02de51905a17c14433a37439f089e07baf3044ce", "sha256_hash", "payload", "win.redline_stealer", "RECORDSTEALER", "RedLine Stealer", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:44", "1571715", "8441f8b903c676d468bb0b0c07d699cb98df153cc50b4ac566e7ab95293cd2db", "sha256_hash", "payload", "win.stealc", "None", "Stealc", "", "95", "None", "None", "0", "Grim"
"2025-08-20 16:15:42", "1571712", "e15886e3c6af9edae546b18f8cce879de2773538cebd598748af924db890da40", "sha256_hash", "payload", "win.luca_stealer", "None", "Luca Stealer", "", "95", "None", "None", "0", "Grim"
# Number of entries: 47