IoC (Indicator of Compromise)

Observable artefact linked to malicious activity. File hashes (MD5, SHA-256, ImpHash, ssdeep, TLSH), IPs, domains, URLs, registry keys, mutex names, named pipes, scheduled task names, service names. Shared between organisations using STIX (data model) over TAXII (transport).