SHA256MediumSignal 29/100
40b41979b317406f8abc601677a3b93aaf6ef8ab8ac188b8f383735e388f13b5
Location
JapanFirst Seen
Jun 4, 2026
Last Seen
Jun 9, 2026
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
29%
Signal Score
29 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
2 reports29% confidence
2
Source reports
29%
Confidence score
Category tags
africaasiaatlas ratbritish indian ocean territoryeuropefile-hashfirst seengermanyindiaindicatorindonesiaitalyjapanmalaysiamalwareransomwarerar archiveresearchedromulusloadersilentrunloadersingaporesouth africasyncfuture zipt1005t1027t1041t1055t1055.001t1055.003t1055.012t1056.001t1105t1113t1119t1125t1140t1204.001t1204.002t1566t1566.001t1566.002t1566.003t1571t1573.001t1574.002t1598taiwanunited kingdomvalleyratzip archive
Activity Timeline
Jun 9Jun 9
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
1
Minimal
30d
1
Minimal
3mo
1
Minimal
Threat ScoreLow Risk
29
SIGNAL
Signal Score
29%
Confidence
2
Reports
First seenJun 4, 2026
Last seenJun 9, 2026
VirusTotal
Not checked
WHOIS
- description
- The Chinese-speaking cybercriminal ecosystem has grown dramatically in recent years. Many of the threats observed in the landscape are descendants of malware first used by Chinese espionage threat actors, namely Gh0stRAT and related payloads, and frequently targeted Chinese-speaking users. But as Chinese-speaking cybercriminals develop better capabilities in malware, social engineering, and global targeting, their footprint is expanding, and more actor clusters are emerging. In this report, we’ll dive into TA4922, a newly designated Chinese-speaking threat actor largely targeting East Asia.
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 9 days ago · Last seen 4 days ago
Appeared in 2 threat reports