SHA256MediumSignal 51/100

`0196ce72004f28b9d09a10d42b0a28ffac1dd8c80795610df7d63070d9ad5ff2`

Location

Peru

First Seen

Apr 17, 2026

Last Seen

Apr 23, 2026

Apr 17

First Seen

60d ago

Apr 23

Last Seen

54d ago

Reports

source reports

51%

Confidence

medium

Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

SHA-256 Hash

SHA-256 file hash — primary identifier for malware samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA256

Confidence

51%

Signal Score

51 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

1 techniques

Feed Intelligence Summary

3 reports51% confidence

Source reports

51%

Confidence score

Category tags

acceptactivatorapis nothingardoasciiascii textbazaarborland delphicalls processcape sandboxcauliflowerclasscnamecombellcommand linecouriercrlf linecus odigicertdarkgateddosdelphidetail infodns attackdoctype htmldos borlanddos executabledropped infodrops pedump fileexecutable fileexploitation activityfile-hashfiles cfindformatfoundfri janfri octfull namefull pathgeneratorgeneric windosglobal g3greengreyguardguest systemheadhttpsieedgeinc cndigicertindicatorinfointelinterjsonkey identifierlinux verdictlittle endianmachine summarymalwaremetamitre attackms windowsmsdosmutexes nothingmwdbnetwork capturenetwork infonextnext generationnoscriptnot availablenothingnumberoffsetoverlayoverview zenboxparent pidpcappe filepe32 compilerpe32 executablepeexeperforms dnsperuphishingportprocesses extraprogramransomwareread filesread registryregistry keysresearchedscriptservershellsigmasocketsouth americassdeepstylet1055t1055 processtextthreat actortickcounttitletls ecctor nodeunixurlsv3 serialvalue averdictwindowwindowswindows sandboxwireshark pcapx509v3 subjectx81e x81ex81i x81ix82xec x82xecx83xc4 x83xc4x8be x8bexc1 xxc4 xc4xcaxdb xcaxdbxf3x86 xf3x86xffu xffu

Activity Timeline

1 total obs

Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), a SHA-256 hash, represents a critical threat requiring immediate attention. With a high score of 51.37 and no whitelist status, it is strongly associated with malicious activity, likely a multi-component malware or sophisticated attack tool. The presence of this hash within an environment indicates a high probability of system compromise, potentially leading to unauthorized code execution, defense evasion through process injection, and establishment of persist…

Threat ScoreMedium Risk

SIGNAL

Signal Score

51%

Confidence

Reports

First seenApr 17, 2026

Last seenApr 23, 2026

VirusTotal

Not checked

WHOIS

description: PE32 executable (GUI) Intel 80386, for MS Windows, Nullsoft Installer self-extracting archive
references: https://vtbehaviour.commondatastorage.googleapis.com/fb83210a8a2d58af1d2fe5edf812be88b5465c130c3e8a091626bc0a2d6452ae_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415519&Signature=e1YxGtIahtkD9VKQTSuo9BFhC4KNicXASSfPf7LiJhYyR2OQOLXoHJjgEUtHCAfeZU7VSacymMfJJhx7M2NXSaPyv5cdsCUWfzeTKwyFqM06pSuq7HqYUJIh2%2BG3bz87h0m%2FMFuU5d0MXdwN9ykL%2FJ8EB4RuyKhfY%2FjBGZMZA0nVn5dQtQ1GySJiLj%2BWsKXQxsYVy%2FBok8h2n2m7EE923RSv%2BkkdQHO3enQf2ikR%2FU%2BtEN4S7xO2, https://vtbehaviour.commondatastorage.googleapis.com/b71ddf3175c9e6b41f143207c6e74a9c327a362b3a1ce7e0282ceae2ad513b3b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415599&Signature=O7Nc7o9GEFU3sFGIZv58PwBR8rG8MIwYQTmDyTNIUlHEEpmUY2Bttz0797jnr4%2BjT%2BCd1r%2BRad4nV4HLruG5QACAgOnQKjtSn%2FhWNes5q1y2qu46J%2BwCUFqmrr%2BpM6MjMmILZUqSezFzC5Fs%2Fnn4iBIQpYxJ8e4sJMXVIONcDkWLhycQk5rVr%2FV7G6tU0yAkoavXhpyrSGqR2Ee9QAoAXLWdixJ0rLJ85yQxWFr0E%2F7%, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415622&Signature=NJmj0XG%2BcAwpEa26%2B7ucV3CTWcwrSwSV%2BU62aYx0yDVYzZH70ROLK9%2F2lUy0IuC6n88oOTLoikSC4GRgUVypFQpmJoKQpkPvHZ1SfyklCtIWurZJYZvHSZs32JL0l6t3eEwW61xDg%2FICvOFlPQ0Aju7Hk1ntOY82jD%2B9dVw179jdF3A5jzGDrcr7mP17tnwZcOI0pVfF0ZhtbJL6SCHXBce%2BWS5zRxV2VgXHqrGYl0XLgpK6MD30wBFT, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415648&Signature=gOGhlxTumFXkKGryYSeJV8%2BMONZwbp%2BS3ntsErndc02nffG6DHW%2FbU0CVbVSOp3lIZkIt2qx7a%2BTsm2IItEWtGIN55fG14UxsBfo1Gf8bukZC4u5KoQKrVSYuV9aASUd5oCoTo0iIp%2BVCokHRdLbF259Fld%2FjlgJGL%2FVoLiGxXwkbQaxZi5VN94eNl65FMGXLtoVUgbUk3FhXEIuLwwJJU8XnveqbCOzDS9PtPnPO7seXDaK, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415662&Signature=ii4xZZXyeZqty%2B%2BwMuioMf90xxcdXimnQRoYesmvSMUfZNPn9hRsSBoDdFdqtcRFep%2BYsQiF4%2BKaDZPUzloaQ%2FeZkEhJokSi2P1NP1ymoIPZ5j%2F8XwTxCO0c%2BGbA%2BECIOWUC9IlgPTZfdCvd1wQiXe4sa1U0QVwZBDk%2B7GDXDJUVIOH6bc8cAZi8Q4QzBqOTaLamgqF1%2BC5uFbLSShJOLGiBZv6PRiQ2L2qk, https://vtbehaviour.commondatastorage.googleapis.com/0244cbf1fbf8809c335b9bbd8142c72e3bbb36881e0aacfba6000e0aaa048ba9_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415703&Signature=L2WgcAgR2nm5cyc0SHe8nYGU6Db6r7Cvr%2F9INkp%2ByiPXoTK3tUwxH06Vr3YnW2wDr8eANqgqXGU09YoEUVEKuHs8veU6QWbaN3LrOaICSmq1tlHwJUE7sILNI3MnOjwZvzYeFCMmSLUOQ62k46HzTVnrFNBqaPIUNQiRsQFUz06TVaA9FxXxYKk2brVLRXiNew1RgDlMp%2BM9EnePR06vYsB9QXEgrblE7M51AU%2BpM09%2BGxukEzUG, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_Yomi%20Hunter.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415762&Signature=4Iu15AELs8158yzYffz716hQ5%2BDY4JHNeJeMzaSmkJrocvfpO7MMmB4MO5Zo%2Bs339dX%2Flb51NK%2Fd3eREGBJkNV3bvbEFaxv1hCO%2Fqge8%2FLnfKLSSRPJ48%2BGAVA22z0gYKvSPfYdGvownSV9GBevxmcIWZ%2F0VK57Mb1gHqvtWKs%2BMGgd4v%2FJJWCmjWx8xLomFVgrpD1boM0PxdVh3X21asN1DplbqcAZ%2Fd5WoOJYic, https://vtbehaviour.commondatastorage.googleapis.com/00000048b1c9e60c14a6619f0292dea96df7f10c11cfa9ae28693219c0ae844b_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415832&Signature=AOcM9Dc%2B2gUBJnZxuNmagisQ8QYjno4RVZd6DZFo553Ws2tWbJ6lUHXGOGTxLZCRccqXY9h0WhcjRXW4EgojbjJxXCTLq1y%2BtxXjZShlepAg7uq2pbXGsBhUcbpS5Jj0upmosZUCtU4mq8fMyjA0Jufv7u%2F%2FhIwKCp6Q9NIixpAXFwNy8BWn%2FOh6em7B0TwRABvcvTsQC2PO%2FOq5J61VWow6JiR2o97x%2Fm1ChJyz%2FvGTsz, https://vtbehaviour.commondatastorage.googleapis.com/2490cba406c48127d4f19ec90640181b6fda91960640d126478a6695aab49c4a_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416015&Signature=evkFEcpvJ0BNlw47zD%2Bgg2ETU%2FGcbGZI3U%2BLCDkaRH4IhSCbgDF9ABajkx7SCAFA2G%2BndDWCzqKkknqPMARKAJk2b5h%2Bu1Gq8uDozkg9GvP8exgs3%2Bw%2F40637%2BmzlgjutElGFcVRMMDWRF5QEvyEDJVUIXmKmLYmKDYM58fBA4IM2VfpV8BB6HJcySkkMk2J4Mhk9nut%2FIrmFjV99WEunuPKfIgnAataXIXzBGZJl2eJK1OEGK19, https://vtbehaviour.commondatastorage.googleapis.com/2490cba406c48127d4f19ec90640181b6fda91960640d126478a6695aab49c4a_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416061&Signature=eIQtmFWS2GiSN%2F3bdQCKKOu9%2FiEoDqQYcEtVnvTTBu%2BZ5JFRAyRu7Tgxw5YyVb%2BXK66m6JTN4yIleNl669%2FfdMbOamF6hlF%2FZbucN1etgX%2B8Snq2xrhFN5xZvvWrQukcYlJQnz9s2WSByNnA2Lvi7dn3qQnZMVNcJwWLhL1ayyCBqpiDVaDMGTgQfLrVdec0Xknzzl70Ce70nSgQdxJ4Q%2FSzYtz9Khtk6hyaiBbYxsyiWQ, https://vtbehaviour.commondatastorage.googleapis.com/fb83210a8a2d58af1d2fe5edf812be88b5465c130c3e8a091626bc0a2d6452ae_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416202&Signature=f43IRerFiqRQ5ke71WfT2lNFf5Jf60FnKcTCpJGhgnSemoBx1iDNvbOs8rePJYHFEiffIuvjjnquRt51dziCswMktwhg8g7Tl3vVfnoYpuBzv6QT86so9sVcKWOt43wFnzCEH1RWrmQDe2jRBGL2Kvhqi%2B3i2iAFdZWCrxoAJtMJVqGVwXM5S7JnLR%2BklB1A5RQQReOEncgwClqKUHMPrSGjXgH%2FDernerWjOXghDL3V2fJ7EJ, https://vtbehaviour.commondatastorage.googleapis.com/c171805ee886339a1f5ee75f7ebfbb030d316f6ada7dd2dc6c795c0de6000a34_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776177598&Signature=3OaXWi9Bxykp1wiOQNdwBhSVh8X4mMPRcbHBESETUx1dPXdeEb1wMVgkjjvnvvnZ14XzPuL4vMeT%2BM6%2B8cU0CciC2%2B%2BGT%2Fb9mRX1cN%2FXaafCIMjd8vWaqZtK1dawDuh8iKwPBAcYgi6vCnMgp28hPTUgniT1p0WNyIRU3CJvLwPSEU28quYE2LfQp6%2FL8YplQb8mVS%2FgoyB71aRRbadnyiAysuNsHN1pdEaY402DuI5QYpc9B1odu5, https://vtbehaviour.commondatastorage.googleapis.com/c171805ee886339a1f5ee75f7ebfbb030d316f6ada7dd2dc6c795c0de6000a34_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776177637&Signature=BUiivmwCPsrCikfAjB28LBQHMVx%2FgTbehNpsMuz2VuoKMd%2FiRN1rhKYa8lS%2BTYZ1RNXXVqAR3ISVvI%2FmBIiPXTCg267f4DupHMvxLnZmQ7N0KqABTuh43x9kfuureCni9NLunQFSSWJwdt0KNQS3%2F57kVbeEOIzP7%2BcwyvyzuUpwFQR0d5Z6FniQUM0OXkWdAQwOXY3K%2FZlOIpXUtbyYLoXFI2SxAVG0cSF%2F5LRfI%2BqV, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_Zenbox%20Linux.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178045&Signature=hfNfMWMWKlkR0dmNZ4tTVvmgM0aQ3daOKDfK8yNihejr3kujfb37wAq3LmH7qtp%2BoiIbsDP06zGcG8dlexlRIuv37dwHofiSildpsN54e2zZ%2F%2Fn25cvnS2OqCOrlkZKLS4HfUQG4uDxTT6nCFFjtk1d88D7GRghUOiDYdLgbVfBW5DFTJ5bmDWA%2F%2FQn7%2BGjfOnnJonkxYfKJ0NAUYmESIbbNs2z4ZohntfXj28HJ8ofBVh09Vk, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178084&Signature=l9VaaMtAu36gwPzacEQuEKIUtylRuocPeqapPjRJQlHLBAGzVaxtTG4tKKub3yjMoWmZ2pKMlpvNWm3hp0Fnvoj9c1RoQqis7Bza5ZkPbTWPic23pN64nADTtHu%2FpwsHeBc5e7ODzJiPCloc2E7y8Fc0OyaCv%2BRvL9Cp746CDgls39HfPWI4ukTSy5F2TsRUo36dz76PT%2FubK3HFHzUNnsFLj%2BZ8iif%2BgE9FpwabJT5WlgvUiqpqna6tcVHl, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178098&Signature=uIxrV8sFHqQAjkRjYKVDQ1S%2FeWLsS9K%2F9PqMGOdk9nETeHOFarhSPqnYVH3z5vORlVnlvKrk10heyaF9Ks%2BfMnudJoqDG6UjXULyT5HbpHKXvdQItgfeAH6ZSHI%2FRRvWIw%2BEJoYnPVIn3gczV1o5LnA5flIbFyXVb%2BwulQMPJnSdhvsQx7PFkAY%2Bukjs4CYlC%2FrL3k8ouSPhJezZgJX3oMBL%2Bgxl15NF20wkj3

`0196ce72004f28b9d09a10d42b0a28ffac1dd8c80795610df7d63070d9ad5ff2`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy