SHA256 · Medium · Signal 51/100
36bf30051742c528d205c176f89d38ce37d997937b38da2d9a4a6201600b438e
First Seen: Apr 16, 2026
Last Seen: Apr 23, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 51%
Signal Score: 51 / 100
IDS Rule: No
Threat Context
Feed Intelligence Summary
Source reports: 3
Confidence score: 51%
Category tags
acceptaddressbackbazaarbinarycalls processclassclosecmdlinecnamecode injectioncountcrc32crlf lineddosdetail infodworderrorexecutable fileexploitation activityfile-hashfindfirstflagsfolders apifoundfull pathgeckogeneric windosget httphosthttp urlicons libraryidleindicatorinfoinjection activityjskhtmllong-sleepsluamalwaremitre attackms windowsmwdbnextnext connectionnone rticonoffsetopenos2 executablepathpe64 librarypingprotocol levelrequest headerresearchedresponse headerserviceshellsizesourcet1010t1012t1014t1027t1055t1057t1059.007t1071t1082t1090t1190t1204.001t1497t1542t1562t1574threat actortickcounttimeunicode textweb exploitationwin16 newin32 exewindowwindows ntwindows sandboxwindows xpwriteyara
Activity Timeline
Apr 23
Threat Activity Heatmap · Peak: 2026-04-23
24h: 0 (Dormant)
7d: 0 (Dormant)
30d: 0 (Dormant)
3mo: 1 (Minimal)
VirusTotal
Not checked
WHOIS
- description
- ASCII text, with CRLF line terminators
- references
IOC Journey
Medium · First detected 1 month ago · Last seen 1 month ago
Appeared in 3 threat reports