SHA256MediumSignal 88/100
189e5b3f190d1e4d80c879d35fde65281d71a022add2fe8ba52db2ab80ba621b
Location
First Seen
Apr 21, 2026
Last Seen
Apr 23, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
88%
Signal Score
88 / 100
IDS Rule
No
Threat Context
Tags
Feed Intelligence Summary
3 reports88% confidence
3
Source reports
88%
Confidence score
Category tags
file-hashindicatoroverlaypeexeperuphdetresearchedsouth americawindows
Activity Timeline
Apr 23Apr 23
Threat Activity Heatmap
· Peak: 2026-04-23LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC) represents a significant threat, evidenced by its high severity score of 88.28 and its association with known malicious software. The IOC, a SHA-256 file hash, is directly linked to malware families identified as 'Backdoor:Win32/Phdet.S' and 'Win.Malware.Oficla-6623012-0', indicating a potential backdoor or infostealer presence. Such malware can grant unauthorized remote access, facilitate data exfiltration, or deploy additional malicious payloads, posing a sev…
Threat ScoreHigh Risk
88
SIGNAL
Signal Score
88%
Confidence
3
Reports
First seenApr 21, 2026
Last seenApr 23, 2026
VirusTotal
Not checked
WHOIS
- description
- MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports