OSINT IoCs section
In addition to lookup results, Kaspersky Threat Intelligence Portal provides open-source intelligence (OSINT) for the requested hash. This allows you to find more information on the hash, for example, in posts in which the hash is mentioned.
To search for open-source intelligence for a hash,
In the Search field on any Kaspersky Threat Intelligence Portal page, enter a hash (MD5, SHA1, SHA256) you want to investigate and press Enter.
On the Threat Lookup (
)→ OSINT IoCs page, Kaspersky Threat Intelligence Portal displays a list of posts in which the requested hash or files identified by the hash are mentioned.
The search results include not only posts found for the requested hash, but also those ones found by other hashes known for the identified file. For example, if you search for MD5 hash, posts on MD5, SHA1 and SHA256 hashes of the file are also shown.
OSINT IoCs section
Field |
Description |
|---|---|
Date |
Post publication date. |
Source |
Link to a post. In some cases, the requested hash is not mentioned in the post by the direct link, but mentioned in posts accessed by links in the first post. |
Hash |
Hash type by which the article was found (MD5, SHA1 or SHA256). |