THREATNOIR
Subscribe
Back to Feed
MalwareApr 10, 2026

I'd like to apologize to my colleagues for not sharing the IoCs. Portable HWMonitor Installer (1...

Researcher shares IOCs for trojanized HWMonitor installer and fake CRYPTBASE.dll.

Read at source

Summary

A security researcher publicly disclosed indicators of compromise (IOCs) related to a trojanized HWMonitor installer and a malicious CRYPTBASE.dll file, apologizing for the delayed sharing. The artifacts suggest a supply-chain compromise or targeted distribution of legitimate software bundled with malware. The IOCs include specific file hashes and a link to the trojanized variant.

Indicators of Compromise

  • hash_sha256 — 3d91f442ddc055e19e3710482e1605836c799249dacd43d99843257a3affd2d2
  • hash_sha256 — a27df06c7167eced1ddaeb8adccaa5f60500f52bc7030389eed2a0903cdf8286
  • url — https://t.co/YGp90bQ0ck

Entities

HWMonitor (product)CRYPTBASE.dll (technology)