Indicator of Compromise
Medium File Hash (SHA256) Active
Value
da55783ca9c4098e5ea47e33507bd38ae9851b6617b574d1fa294a6205cb143e
Association

Cobalt Strike

Tags
Donut German LNK phishing Trycloudflare
Description

payload

First Seen

March 26, 2026 14:59

Last Seen

Unknown

Created

April 29, 2026 14:27

Last Updated

April 29, 2026 14:27

Additional Metadata 
{'anonymous': '0',
 'confidence_level': 50,
 'crawled_at': '2026-04-29T14:27:55.994910+00:00',
 'malware': 'win.cobalt_strike',
 'malware_alias': 'Agentemis,BEACON,CobaltStrike,cobeacon',
 'malware_printable': 'Cobalt Strike',
 'original_value': None,
 'reference': 'https://www.virustotal.com/gui/file/da55783ca9c4098e5ea47e33507bd38ae9851b6617b574d1fa294a6205cb143e',
 'reporter': 'Lenny_3BO',
 'source': 'threatfox-abuse-ch',
 'tags': ['Donut', 'German', 'LNK', 'phishing', 'Trycloudflare'],
 'threat_type': 'payload',
 'threatfox_id': '1776717'}
STIX Data 
{'description': 'payload',
 'external_references': [{'external_id': '1776717',
                          'source_name': 'threatfox-abuse-ch',
                          'url': 'https://threatfox.abuse.ch/ioc/1776717/'}],
 'id': 'indicator--1776717',
 'name': 'FILE_HASH_SHA256: '
         'da55783ca9c4098e5ea47e33507bd38ae9851b6617b574d1fa294a6205cb143e',
 'pattern': '[FILE_HASH_SHA256:value = '
            "'da55783ca9c4098e5ea47e33507bd38ae9851b6617b574d1fa294a6205cb143e']",
 'pattern_type': 'stix',
 'pattern_version': '2.1',
 'type': 'indicator',
 'valid_from': '2026-03-26 14:59:35',
 'valid_until': None}
Quick Actions
Edit IOC Update from Web
Back to IOCs
Dashboard About