indicatorsha256
2927bc31b4f8254c6b332fc03110a6373cad00ffa2ff9de427c26bb222017bb2
- First seen
- 2026-05-27
- Last seen
- 2026-05-27
- Sightings
- 1
Posts referencing this indicator
- FortiClient EMS Exploited via CVE-2026-35616 to Deliver EKZ Infostealer Disguised as a Fortinet Patch
fil_api_ms_win_crt_apibase_l1_1_0.dll hosted on attacker C2.