Cover Image

Threat Intelligence Data Feeds

This page provides a curated list of threat intelligence data feeds, focusing on imphashes for specific malware families and attack tools.


...track portable executable (PE) imports. Imports are the functions that a piece of software (in this case, the backdoor) calls from other files (typically various DLLs that provide functionality to the Windows operating system). To track these imports, Mandiant creates a hash based on library/API names and their specific order within the executable. We refer to this convention as an "imphash" (for "import hash").

Malware Families and Attack Tools

Company Info

Signalblur Cyber Threat Intelligence is a cybersecurity company that delivers exceptional services and empowers organizations with accessible, cutting-edge solutions. Our founder brings years of experience from a Fortune 50 company and building Cyber Security Operations Centers.


For any inquiries, please email us at