PSYC-OTX-6a10949191ce7d3c3f2f8105

OTX: From edge appliance to enterprise compromise: Multi-stage Linux intrusion via F5 and Confluence

The full record for one case — how Classifyline rated it, what Scoutline observed, the evidence Sealine encrypted, where Routeline may send it, and every ledger entry it produced.

how to use this view

How to use. Read the cards top-to-bottom — classification, observables, sealed package, routes, ledger. Hit ▶ case journey for the animated walk-through.

What you're seeing. Every worker line's output for this one case: how it was rated, what was observed, what was encrypted and to whom, where it would route, and the audit rows it produced.

Why it matters. Nothing sensitive leaves psyc without a human seeing the full reasoning chain — this page is that chain, for one case.

Classification

Severity: medium
TLP: GREEN
Incident type: malware
Internal class: D

Confidence

Level: medium
Source reliability: C
Information credibility: 3

Source

Type: threat_intel
Reference: https://otx.alienvault.com/pulse/6a10949191ce7d3c3f2f8105
Observed: 2026-05-22 17:38 UTC
Ingested: 2026-05-25 14:56 UTC

Observables

Hashes

710a9d2653c8bd3689e451778dab9daec0de4c4c75f900788ccf23ef254b122a
4a927d031919fd6bd88d3c8a917214b54bca00f8ddc80ecfe4d230663dda7465
57b3188e24782c27fdf72493ce599537efd3187d03b80f8afe733c72d68c5517
b4592cea69699b2c0737d4e19cff7dca17b5baf5a238cd6da950a37e9986f216
bdd5da81ac34d9faa2a5118d4ed8f492239734be02146cd24a0e34270a48a455

Routes

2 allowed · 2 blocked

MISP-Community priority 2 · stix_indicators · max_tlp AMBER

URLhaus priority 3 · malware_url_report · max_tlp GREEN

CERT-Bund country_mismatch

AbuseIPDB tlp_exceeded