SHA1MediumSignal 59/100

`3f08f07a4606514398c5ac3d25a5250ed6d873d5`

First Seen

Apr 9, 2026

Last Seen

Apr 14, 2026

Apr 9

First Seen

71d ago

Apr 14

Last Seen

66d ago

Reports

source reports

59%

Confidence

medium

Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

SHA-1 Hash

SHA-1 file hash associated with malicious samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA1

Confidence

59%

Signal Score

59 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

15 techniques

Feed Intelligence Summary

3 reports59% confidence

Source reports

59%

Confidence score

Category tags

active scananalytics naasciiascii textattackbrute forcebusiness internet servicesbuttonchatclick-based attackclose logcode executioncode injectioncommand executioncontactcredential harvestingcredential stuffingcrlfcrlf linedefense evasionedit3iconerrorexecutable fileexploitation activityfile-hashfindgartnergdlnameget fiosgtmw2vn2cqguest systemhtml documenthtml pagehtmldivelementidentity & access exploitationindicatorinjection activityiot securityjavajava sourcejsonlearnlf linelte networkmac osmalicious activitymalicious linksmalwaremetadata analysismitre attacknetwork infonextoverview zenboxphishingphishing attackphone servicespng imagepng multimediaprocesses extraprogramransomwarereactresearchedrgbarotateccwiconsaveiconshopshop verizonshortcutitemsitesmallsocial engineeringsocial media securitysourcespansupportt1055t1055 processt1059t1071t1082t1095t1204.001t1204.002t1497t1518t1560t1562t1566.001t1566.002t1566.003t1574tag managerthreat actortitletor nodeunicode textupgradeuser executionutc amazonutc aw2761768utc aw685973utc bingutc dc685973utc dc9849921utc g12r1dx1lx7utc googleutf8 textverdictverizonverizon businessverizon business accountverizon business phoneverizon business planverizon business serviceverizon for businessvoicexiconzip archive

Activity Timeline

1 total obs

Apr 14Apr 14

Threat Activity Heatmap

· Peak: 2026-04-14

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), a SHA-1 hash, is deemed highly significant due to its association with tactics and techniques commonly employed in initial access, execution, and defense evasion phases of sophisticated attacks. Its presence suggests potential compromise within the organizational environment, indicating that malicious code may have been executed, critical system information gathered, or defenses impaired. If left unaddressed, this IOC could facilitate further malicious activit…

Threat ScoreMedium Risk

SIGNAL

Signal Score

59%

Confidence

Reports

First seenApr 9, 2026

Last seenApr 14, 2026

VirusTotal

Not checked

WHOIS

description: Java source, ASCII text
references: https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO, https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX, https://www.verizon.com/business/, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N

`3f08f07a4606514398c5ac3d25a5250ed6d873d5`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey