MD5MediumSignal 59/100

`17018a45cd565f1a290e271dc4062b05`

First Seen

Apr 9, 2026

Last Seen

Apr 14, 2026

Apr 9

First Seen

80d ago

Apr 14

Last Seen

75d ago

Reports

source reports

59%

Confidence

medium

Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

MD5 Hash

MD5 file hash associated with malicious samples.

MISP Category

Artifacts Dropped

Hash Algorithm

MD5

Confidence

59%

Signal Score

59 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

17 techniques

Feed Intelligence Summary

3 reports59% confidence

Source reports

59%

Confidence score

Category tags

active scananalytics naasciiascii textattackbrute forcebusiness internet servicesbuttonchatclick-based attackclose logcode executioncode injectioncommand executioncontactcredential harvestingcredential stuffingcrlfcrlf linedefense evasionedit3iconerrorexecutable fileexploitation activityfile-hashfindgartnergdlnameget fiosgtmw2vn2cqguest systemhtml documenthtml pagehtmldivelementidentity & access exploitationindicatorinjection activityiot securityjava sourcejsonlearnlf linelte networkmac osmalicious activitymalicious linksmalwaremetadata analysismitre attacknetwork infonextoverview zenboxphishingphishing attackphone servicespng imagepng multimediaprocesses extraprogramransomwarereactresearchedrgbarotateccwiconsaveiconshopshop verizonshortcutitemsitesmallsocial engineeringsocial media securitysourcespansupportt1055t1055 processt1059t1059.007t1071t1082t1095t1190t1204.001t1204.002t1497t1518t1560t1562t1566.001t1566.002t1566.003t1574tag managerthreat actortitletor nodeunicode textupgradeuser executionutc amazonutc aw2761768utc aw685973utc bingutc dc685973utc dc9849921utc g12r1dx1lx7utc googleutf8 textverdictverizonverizon businessverizon business accountverizon business phoneverizon business planverizon business serviceverizon for businessvoiceweb exploitationxiconzip archive

Activity Timeline

1 total obs

Apr 14Apr 14

Threat Activity Heatmap

· Peak: 2026-04-14

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), an MD5 hash, represents a significant and credible threat to organizational security. Its presence within an environment strongly suggests a compromise or an active attempt to establish unauthorized access and control. The high associated risk score underscores the urgency of addressing this indicator, as it likely signifies the deployment of malicious code capable of extensive damage. Potential impacts include system compromise, data exfiltration, disruption …

Threat ScoreMedium Risk

SIGNAL

Signal Score

59%

Confidence

Reports

First seenApr 9, 2026

Last seenApr 14, 2026

VirusTotal

Not checked

WHOIS

description: ASCII C++ program text
references: https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO, https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX, https://www.verizon.com/business/, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N

`17018a45cd565f1a290e271dc4062b05`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey