SHA256MediumSignal 63/100
27f513a0af1bc5f2917c92004135cd77cba4004239967357bed4885a6b6ae7a7
Location
First Seen
Apr 16, 2026
Last Seen
Apr 23, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
63%
Signal Score
63 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports63% confidence
3
Source reports
63%
Confidence score
Category tags
acceptaddressbackbazaarbinarycalls processclassclosecmdlinecnamecountcrc32crlf lineddosdetail infodworderrorexploitation activityfile-hashfindfirstflagsfolders apifoundfull pathgeckogeneric windosget httphosthttp urlicons libraryindicatorinfoinjection activitykhtmlmalwaremitre attackms windowsmwdbnextnext connectionnone rticonoffsetopenoperating systemos2 executablepathpe64 librarypedllperupingprocess injectionprotocol levelremote servicesrequest headerresearchedresponse headerserviceshellsizesouth americat1010t1012t1014t1021t1021.001t1027t1055t1057t1069.001t1071t1078t1082t1090t1497t1542t1562t1574threat actortickcounttimeunicode textwin16 newin32 exewin32 malwarewindowwindowswindows malwarewindows ntwindows sandboxwindows xpwriteyara
Activity Timeline
Apr 23Apr 23
Threat Activity Heatmap
· Peak: 2026-04-23LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC) represents a critical security alert, identified as a SHA-256 hash associated with highly suspicious and potentially malicious activity. With a score of 63.41, this IOC is classified as high-risk and warrants immediate attention due to its potential to facilitate severe compromises within our environment. Its presence suggests the execution of sophisticated malware capable of actions such as process injection, defense evasion, and establishing persistent contro…
Threat ScoreMedium Risk
63
SIGNAL
Signal Score
63%
Confidence
3
Reports
First seenApr 16, 2026
Last seenApr 23, 2026
VirusTotal
Not checked
WHOIS
- description
- PE32 executable (DLL) (GUI) Intel 80386, for MS Windows
- references
- https://vtbehaviour.commondatastorage.googleapis.com/000bdbb9556e3474630b36d57190d5dae719886a6cdecf824af6a456243ebf88_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372160&Signature=wARiO6wRTZGhS9vOpI%2BvoWxpe55%2BBlHjfTVS2m1fsb3%2FyiqXoI5x8uRNh6fj6Qp6DpePIZAM2MHvDzi%2B5TT6VWKI4zyyc%2BeVp9gihB0djBnCJr%2BKCB18kdFNBE%2BicOTMmx5aJ1hSjWQcOBYm9PMkZ6%2BhLzxX3gxTMneBKGhh0ckFJRTRfM2gKMfEPrOQ6aVgfkTWJUR9FQYz5g2qKGSDh1CCNlEzXhO33BEPI9fN, https://vtbehaviour.commondatastorage.googleapis.com/03a5d431bb42e7730a3ae3b3563cee73e7a782079cf56f57bad5fe665d261e54_SecneurX.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372244&Signature=fXjnCgFbGybFp%2BCRO6a%2FQ3LKU2uLiKNtjgwKzprL3LFL%2BTMgup6nbp7%2F9Hxy8bnBzlFtSzO0fcnf%2FpIsNim0UdrINmB63N9mKkBW1cOkjxV88PAy2nsFZA3FjOEYq4N0lgc8gAtS5eRTt%2Bwb7WjEnd3QQ7aPLuoVl2hjed4hC8Cit6efcSD9GbJCITMeX4%2FVHBYSjmDr4Pgip9ANSZ6wvzkRktqPpC23Qwl62gkuXE%2BKp0s%2Bq%, https://vtbehaviour.commondatastorage.googleapis.com/14116af49a976b71f7ddd760161a1d50328baa280ac2c9a1f9f3a8996a3929b6_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372327&Signature=bhG0zZxkKhoz9temkLENxZsdN9KeMsxW4nt2II1lmaPLEGAhNM4EmX5e7z1UM9LLsnqrvuZBhQs7ZnBuwSpY5T8iiKIu2%2FfZ83pX1Tw8s%2Bn%2BfXlEl3jlhzXWewZ9i8ZlXd6YIeWETsAak1j93aNnJHB2IPoZn7VISupTj400x7E%2FSm0ilDz4zCCDAjz1eTp1N41HvmoviGQGwTSnjTW5oyBHDm8RglOnnNqcEsm6%2BkGBJToFomLsipvuVIz8, https://vtbehaviour.commondatastorage.googleapis.com/39c58d0f868d4e8d1b959dce19d0bbcc57bb8b9b832f9efbe4e2244051237b95_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372451&Signature=Dv9FcZuWlVKlY26EcoSmR4Kcb44tKDv4kyBrDOputdJDLMvfDX9%2Fs4Ss4cLURTdCso74wPUHQpcMVcyeGGK%2F3RwYbxXwJjMGGAJSCfCxIDRiL%2BLOQKY3M7zGyXrkpuwr5lQS4CaKp1LFajsxxwnKpd%2F5eXNMLqlyxh%2ByO3dJWTkY8WqNnnwnSjW0lqpwB9%2BBjgEdIeWsnMRqF0t4JQ8dJsmCbbTXmAKIEZ46Rpio044%2BrsqH, https://vtbehaviour.commondatastorage.googleapis.com/539dc26a14b6277e87348594ab7d6e932d16aabb18612d77f29fe421a9f1d46a_Yomi%20Hunter.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372560&Signature=tXBHkUCyFp7E2Um%2FMUvRPbUvaQmYPeBV7KGbi%2Bssa%2FkYQyqgH4u8fy6h0A8bVbsyQMMPf2EEF2JkzkiD6SXcfLADGdVqHYQya%2F6s2Ox5QnOFkJSATlDdXCWVp%2F4wHxZHInIRcrBPZFjjYFQM0u7VYCEMtkMCS0pzld2nGLlcOuOXBFxGTQPy0A03dikBC4Yw4f%2BdiMLMxO0hxZSo9FxPq1ylB4gs57NBBniylVO4Qi%2BLzleU5, https://vtbehaviour.commondatastorage.googleapis.com/0ab7fad77871a45137c9f2e40e3cbf47e3d71315f71c8eca9c8d62bc24a53184_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775372878&Signature=cLNwLw1L9ZCpQXZej7DaLTWH5w887X5wPnSpN1pwH2N4acSu8Llp25uprGRArg6qCuPbVQ2YPyIeCdwLCZvq%2FU0hP8m17ZPontiyR5zKb7jxcW57eEUuVnuSV9%2FnukwtPPJ%2BTY7a0%2B9rwSAU%2FL%2FJQ1yMke6VIX%2B%2F6KSWHgmLV%2F%2FR%2FbOxB0oZ4%2Fe%2Fsb2%2Fw12dZix7IY6c7wOj1OlWGQSkAZZsEoDw, https://vtbehaviour.commondatastorage.googleapis.com/01f09136cb86f25635f91144946847d58c559228d50d9b84b0c021d4091b840b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775373052&Signature=U7haY6XsgyJ83G1vAOPLrLLS%2BaMP9xAKOlnzSb4I9clIBLt9Y8xzP4qjfBxbeUfdF6s%2B6dtg4dXzqTjrAYSC3XOTEEtHZeK4ePz5qfS9n%2FWNrOKQb30VBhfUNL5DYUCd3XSOPjIVlbRz9ylDpwApfVK2AMarGiLLlnKRDv7M0S63SkQx8eWyabXd2afPPy96ZGNZVZfOhw5llZiztL6mYo%2BVivlyFsDcodH9F4XrS%2FPsSLeJRx5d, https://vtbehaviour.commondatastorage.googleapis.com/7605fa9aeaae25656c40a553534d35418cca40dc48023d0b3237b402361c6816_Dr.Web%20vxCube.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775373200&Signature=uMO8ESBCpu0oIIRS0CToWTN9KlOHyq4uWjWMjfdcUCGyliW%2FSy8KDIg6OMWLUQ6SBC45Jm0Mr%2FNV6m74hTSnpmGdVf6k6mA3QrTQwUMaMk2QbBLU1IwUG8wvylr6KXEqQYYCkZksYiZEyNm%2B2hKNvWtKFc%2BZlL7M12RBSER84%2FDRQlJnK6qbDW3DYX1tPsXxTynGj5YxQDlUqfWU8CjZtSAfUK%2Bw%2FoybwyMsJc68%2B01HQ, https://vtbehaviour.commondatastorage.googleapis.com/7605fa9aeaae25656c40a553534d35418cca40dc48023d0b3237b402361c6816_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775373283&Signature=KIPnPqQCcifTzuRS43FhFyzCXei0rDK20JuVvXA3UkB%2Bj6R1a4SAH2sn%2BJO1ohLSxLswzbryMf81lr4eGQCMbr3Wwfwo7kHN1yHV4M187cNxRZlbZ4%2BzOZZgfWt3bJNLx2Z4%2B4aqarco7OzqkhcQizlq8frRttJQjcLcNxgWD3oV2QDxZxurniW%2BhRRUS%2Bv9uGXWIRhWYmbEA%2BaoQsvpX0AIeSUCn4qb%2Fh31hJe7JitkCE, https://vtbehaviour.commondatastorage.googleapis.com/000007781f616194758c52c551ab2f198970675c9218eab9f1e4470f0a696e71_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775373373&Signature=mjvxt7z8ajbHZY%2BdL0G02pE7trUx7SkineLNrDSnq8FxmEuCuDdnNDWKdPawPb4w2NnK5HFkV3BAdTJrRNBxBceLP%2FevhdkmR4C%2BiZZ8pz9GBeqwl0l6oJMBga2ZHfKcA%2BxqQgP5r1zzN%2BZPMH0zxPdHYZA2WlzkfzPBDQcTEDdz8aTIaX%2BOP5JUo4gYjqxxxrdBLVGv0i54PedBqgFw5IRrPpdH%2FwlQGTLKQ%2BSjslq2d0, https://vtbehaviour.commondatastorage.googleapis.com/39c58d0f868d4e8d1b959dce19d0bbcc57bb8b9b832f9efbe4e2244051237b95_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775373454&Signature=oXNg992chHQhOJxpI2XcWdFB%2FxJme1ol4iA4aOgaKWQcqa9WXsYlPcTANPmFkyrHIciosnksXEJrIAfFsjAYeEqG%2F7oPGCQLBILFHUhwZVcoJR9PgFwUsHBu%2FqiWSOifVPER4vpDL0gbsuNlU6gHT5aWRW%2BwoOwbHSIt5jj%2FJ3%2FxGDBAUaZrSuQurOM0Nb3qRhNN1NOTUj7mGTuUBXdtvnzCFLjxl3Kk6dYYFgmwhWI04P3JIB
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports