SHA256MediumSignal 88/100
2eb2bacb501d51e9fa57fe03b0b29645f1441bbaf3508990d678c2312a244ca8
Location
First Seen
Apr 21, 2026
Last Seen
Apr 24, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
88%
Signal Score
88 / 100
IDS Rule
No
Threat Context
Tags
Feed Intelligence Summary
3 reports88% confidence
3
Source reports
88%
Confidence score
Category tags
file-hashindicatoroverlaypeexeperuphdetresearchedsouth americawindows
Activity Timeline
Apr 24Apr 24
Threat Activity Heatmap
· Peak: 2026-04-24LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), a SHA256 file hash, represents a critical threat to organizational security and demands immediate attention. With a high score of 88.27 and no whitelist status, it is strongly linked to known backdoor malware families, specifically "Backdoor:Win32/Phdet.S" and "Win.Malware.Oficla-6623012-0". The presence of this file within the environment signifies a high probability of system compromise, potentially leading to unauthorized access, data exfiltration, and furt…
Threat ScoreHigh Risk
88
SIGNAL
Signal Score
88%
Confidence
3
Reports
First seenApr 21, 2026
Last seenApr 24, 2026
VirusTotal
Not checked
WHOIS
- description
- MS-DOS executable PE32 executable (GUI) Intel 80386 (stripped to external PDB), for MS Windows, MZ for MS-DOS
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports