IOC Radar
SHA256 · Medium · Signal 100/100

3279ca121cf8c14303d1681765151c1fea1c86b1b44514c5fc809a8e1dd52619

Location
Barbados
First Seen
Mar 8, 2025 (460d ago)
Last Seen
Jun 7, 2026 (4d ago)
Reports
4 source reports
Confidence
99% (medium)
Found in 4 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK

MITRE ATT&CK TTPs

108 techniques

Feed Intelligence Summary

4 source reports · 99% confidence score
Category tags

Activity Timeline

1 total obs
Jun 7

Threat Activity Heatmap

Peak: 2026-06-07
[Heatmap: daily activity by weekday, Jun through Jun]
Activity by window: 24h: 0 (Dormant); 7d: 1 (Minimal); 30d: 1 (Minimal); 3mo: 1 (Minimal)
Threat Score: High Risk
Signal Score: 100
Confidence: 99%
Reports: 4
First seen: Mar 8, 2025
Last seen: Jun 7, 2026

VirusTotal

Not checked

WHOIS



IOC Journey

medium
First detected 1 year ago · Last seen 4 days ago
Appeared in 4 threat reports