SHA256MediumSignal 77/100

`5a9a0a35f35a2e81f4bd7d91bacfde7d85ed19b4dfc46d8523c6d30e56cbcb86`

Location

Peru

First Seen

Apr 17, 2026

Last Seen

Apr 23, 2026

Apr 17

First Seen

60d ago

Apr 23

Last Seen

55d ago

Reports

source reports

77%

Confidence

medium

Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

SHA-256 Hash

SHA-256 file hash — primary identifier for malware samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA256

Confidence

77%

Signal Score

77 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

1 techniques

Feed Intelligence Summary

3 reports77% confidence

Source reports

77%

Confidence score

Category tags

acceptactivatorapis nothingardoasciiascii textbazaarborland delphicalls processcape sandboxcauliflowerclasscnamecombellcommand linecouriercrlf linecus odigicertdarkgateddosdelphidetail infodirect-cpu-clock-accessdns attackdoctype htmldos borlanddos executabledropped infodrops pedump fileexecutable fileexploitation activityfile-hashfiles cfindformatfoundfri janfri octfull namefull pathgeneratorgeneric windosglobal g3greengreyguardguest systemheadhttpsieedgeinc cndigicertindicatorinfointelinterjsonkey identifierlinux verdictlittle endianmachine summarymalwaremetamitre attackms windowsmsdosmutexes nothingmwdbnetwork capturenetwork infonextnext generationnoscriptnot availablenothingnumberoffsetoverlayoverview zenboxparent pidpcappe filepe32 compilerpe32 executablepeexeperforms dnsperuphishingportprocesses extraprogramransomwareread filesread registryregistry keysresearchedruntime-modulesscriptservershellsigmasocketsouth americassdeepstylet1055t1055 processtextthreat actortickcounttitletls ecctor nodeunixurlsv3 serialvalue averdictwindowwindowswindows sandboxwireshark pcapx509v3 subjectx81e x81ex81i x81ix82xec x82xecx83xc4 x83xc4x8be x8bexc1 xxc4 xc4xcaxdb xcaxdbxf3x86 xf3x86xffu xffu

Activity Timeline

1 total obs

Apr 23Apr 23

Threat Activity Heatmap

· Peak: 2026-04-23

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC), a SHA-256 hash, demands immediate attention due to its high threat score and association with critical attack techniques. It directly points towards potential malicious activity within an organizational environment, specifically leveraging process injection (T1055) to achieve unauthorized code execution and escalate privileges. Such a compromise could enable threat actors to establish persistent access, exfiltrate sensitive data, or deploy further destructive …

Threat ScoreHigh Risk

SIGNAL

Signal Score

77%

Confidence

Reports

First seenApr 17, 2026

Last seenApr 23, 2026

VirusTotal

Not checked

WHOIS

description: PE32 executable (GUI) Intel 80386, for MS Windows
references: https://vtbehaviour.commondatastorage.googleapis.com/fb83210a8a2d58af1d2fe5edf812be88b5465c130c3e8a091626bc0a2d6452ae_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415519&Signature=e1YxGtIahtkD9VKQTSuo9BFhC4KNicXASSfPf7LiJhYyR2OQOLXoHJjgEUtHCAfeZU7VSacymMfJJhx7M2NXSaPyv5cdsCUWfzeTKwyFqM06pSuq7HqYUJIh2%2BG3bz87h0m%2FMFuU5d0MXdwN9ykL%2FJ8EB4RuyKhfY%2FjBGZMZA0nVn5dQtQ1GySJiLj%2BWsKXQxsYVy%2FBok8h2n2m7EE923RSv%2BkkdQHO3enQf2ikR%2FU%2BtEN4S7xO2, https://vtbehaviour.commondatastorage.googleapis.com/b71ddf3175c9e6b41f143207c6e74a9c327a362b3a1ce7e0282ceae2ad513b3b_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415599&Signature=O7Nc7o9GEFU3sFGIZv58PwBR8rG8MIwYQTmDyTNIUlHEEpmUY2Bttz0797jnr4%2BjT%2BCd1r%2BRad4nV4HLruG5QACAgOnQKjtSn%2FhWNes5q1y2qu46J%2BwCUFqmrr%2BpM6MjMmILZUqSezFzC5Fs%2Fnn4iBIQpYxJ8e4sJMXVIONcDkWLhycQk5rVr%2FV7G6tU0yAkoavXhpyrSGqR2Ee9QAoAXLWdixJ0rLJ85yQxWFr0E%2F7%, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415622&Signature=NJmj0XG%2BcAwpEa26%2B7ucV3CTWcwrSwSV%2BU62aYx0yDVYzZH70ROLK9%2F2lUy0IuC6n88oOTLoikSC4GRgUVypFQpmJoKQpkPvHZ1SfyklCtIWurZJYZvHSZs32JL0l6t3eEwW61xDg%2FICvOFlPQ0Aju7Hk1ntOY82jD%2B9dVw179jdF3A5jzGDrcr7mP17tnwZcOI0pVfF0ZhtbJL6SCHXBce%2BWS5zRxV2VgXHqrGYl0XLgpK6MD30wBFT, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415648&Signature=gOGhlxTumFXkKGryYSeJV8%2BMONZwbp%2BS3ntsErndc02nffG6DHW%2FbU0CVbVSOp3lIZkIt2qx7a%2BTsm2IItEWtGIN55fG14UxsBfo1Gf8bukZC4u5KoQKrVSYuV9aASUd5oCoTo0iIp%2BVCokHRdLbF259Fld%2FjlgJGL%2FVoLiGxXwkbQaxZi5VN94eNl65FMGXLtoVUgbUk3FhXEIuLwwJJU8XnveqbCOzDS9PtPnPO7seXDaK, https://vtbehaviour.commondatastorage.googleapis.com/9e4f036dd6fbb45ce414cb5d040b3255b5ccc9ecacbfaf022b631545f9a19a02_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415662&Signature=ii4xZZXyeZqty%2B%2BwMuioMf90xxcdXimnQRoYesmvSMUfZNPn9hRsSBoDdFdqtcRFep%2BYsQiF4%2BKaDZPUzloaQ%2FeZkEhJokSi2P1NP1ymoIPZ5j%2F8XwTxCO0c%2BGbA%2BECIOWUC9IlgPTZfdCvd1wQiXe4sa1U0QVwZBDk%2B7GDXDJUVIOH6bc8cAZi8Q4QzBqOTaLamgqF1%2BC5uFbLSShJOLGiBZv6PRiQ2L2qk, https://vtbehaviour.commondatastorage.googleapis.com/0244cbf1fbf8809c335b9bbd8142c72e3bbb36881e0aacfba6000e0aaa048ba9_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415703&Signature=L2WgcAgR2nm5cyc0SHe8nYGU6Db6r7Cvr%2F9INkp%2ByiPXoTK3tUwxH06Vr3YnW2wDr8eANqgqXGU09YoEUVEKuHs8veU6QWbaN3LrOaICSmq1tlHwJUE7sILNI3MnOjwZvzYeFCMmSLUOQ62k46HzTVnrFNBqaPIUNQiRsQFUz06TVaA9FxXxYKk2brVLRXiNew1RgDlMp%2BM9EnePR06vYsB9QXEgrblE7M51AU%2BpM09%2BGxukEzUG, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_Yomi%20Hunter.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415762&Signature=4Iu15AELs8158yzYffz716hQ5%2BDY4JHNeJeMzaSmkJrocvfpO7MMmB4MO5Zo%2Bs339dX%2Flb51NK%2Fd3eREGBJkNV3bvbEFaxv1hCO%2Fqge8%2FLnfKLSSRPJ48%2BGAVA22z0gYKvSPfYdGvownSV9GBevxmcIWZ%2F0VK57Mb1gHqvtWKs%2BMGgd4v%2FJJWCmjWx8xLomFVgrpD1boM0PxdVh3X21asN1DplbqcAZ%2Fd5WoOJYic, https://vtbehaviour.commondatastorage.googleapis.com/00000048b1c9e60c14a6619f0292dea96df7f10c11cfa9ae28693219c0ae844b_Tencent%20HABO.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776415832&Signature=AOcM9Dc%2B2gUBJnZxuNmagisQ8QYjno4RVZd6DZFo553Ws2tWbJ6lUHXGOGTxLZCRccqXY9h0WhcjRXW4EgojbjJxXCTLq1y%2BtxXjZShlepAg7uq2pbXGsBhUcbpS5Jj0upmosZUCtU4mq8fMyjA0Jufv7u%2F%2FhIwKCp6Q9NIixpAXFwNy8BWn%2FOh6em7B0TwRABvcvTsQC2PO%2FOq5J61VWow6JiR2o97x%2Fm1ChJyz%2FvGTsz, https://vtbehaviour.commondatastorage.googleapis.com/2490cba406c48127d4f19ec90640181b6fda91960640d126478a6695aab49c4a_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416015&Signature=evkFEcpvJ0BNlw47zD%2Bgg2ETU%2FGcbGZI3U%2BLCDkaRH4IhSCbgDF9ABajkx7SCAFA2G%2BndDWCzqKkknqPMARKAJk2b5h%2Bu1Gq8uDozkg9GvP8exgs3%2Bw%2F40637%2BmzlgjutElGFcVRMMDWRF5QEvyEDJVUIXmKmLYmKDYM58fBA4IM2VfpV8BB6HJcySkkMk2J4Mhk9nut%2FIrmFjV99WEunuPKfIgnAataXIXzBGZJl2eJK1OEGK19, https://vtbehaviour.commondatastorage.googleapis.com/2490cba406c48127d4f19ec90640181b6fda91960640d126478a6695aab49c4a_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416061&Signature=eIQtmFWS2GiSN%2F3bdQCKKOu9%2FiEoDqQYcEtVnvTTBu%2BZ5JFRAyRu7Tgxw5YyVb%2BXK66m6JTN4yIleNl669%2FfdMbOamF6hlF%2FZbucN1etgX%2B8Snq2xrhFN5xZvvWrQukcYlJQnz9s2WSByNnA2Lvi7dn3qQnZMVNcJwWLhL1ayyCBqpiDVaDMGTgQfLrVdec0Xknzzl70Ce70nSgQdxJ4Q%2FSzYtz9Khtk6hyaiBbYxsyiWQ, https://vtbehaviour.commondatastorage.googleapis.com/fb83210a8a2d58af1d2fe5edf812be88b5465c130c3e8a091626bc0a2d6452ae_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776416202&Signature=f43IRerFiqRQ5ke71WfT2lNFf5Jf60FnKcTCpJGhgnSemoBx1iDNvbOs8rePJYHFEiffIuvjjnquRt51dziCswMktwhg8g7Tl3vVfnoYpuBzv6QT86so9sVcKWOt43wFnzCEH1RWrmQDe2jRBGL2Kvhqi%2B3i2iAFdZWCrxoAJtMJVqGVwXM5S7JnLR%2BklB1A5RQQReOEncgwClqKUHMPrSGjXgH%2FDernerWjOXghDL3V2fJ7EJ, https://vtbehaviour.commondatastorage.googleapis.com/c171805ee886339a1f5ee75f7ebfbb030d316f6ada7dd2dc6c795c0de6000a34_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776177598&Signature=3OaXWi9Bxykp1wiOQNdwBhSVh8X4mMPRcbHBESETUx1dPXdeEb1wMVgkjjvnvvnZ14XzPuL4vMeT%2BM6%2B8cU0CciC2%2B%2BGT%2Fb9mRX1cN%2FXaafCIMjd8vWaqZtK1dawDuh8iKwPBAcYgi6vCnMgp28hPTUgniT1p0WNyIRU3CJvLwPSEU28quYE2LfQp6%2FL8YplQb8mVS%2FgoyB71aRRbadnyiAysuNsHN1pdEaY402DuI5QYpc9B1odu5, https://vtbehaviour.commondatastorage.googleapis.com/c171805ee886339a1f5ee75f7ebfbb030d316f6ada7dd2dc6c795c0de6000a34_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776177637&Signature=BUiivmwCPsrCikfAjB28LBQHMVx%2FgTbehNpsMuz2VuoKMd%2FiRN1rhKYa8lS%2BTYZ1RNXXVqAR3ISVvI%2FmBIiPXTCg267f4DupHMvxLnZmQ7N0KqABTuh43x9kfuureCni9NLunQFSSWJwdt0KNQS3%2F57kVbeEOIzP7%2BcwyvyzuUpwFQR0d5Z6FniQUM0OXkWdAQwOXY3K%2FZlOIpXUtbyYLoXFI2SxAVG0cSF%2F5LRfI%2BqV, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_Zenbox%20Linux.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178045&Signature=hfNfMWMWKlkR0dmNZ4tTVvmgM0aQ3daOKDfK8yNihejr3kujfb37wAq3LmH7qtp%2BoiIbsDP06zGcG8dlexlRIuv37dwHofiSildpsN54e2zZ%2F%2Fn25cvnS2OqCOrlkZKLS4HfUQG4uDxTT6nCFFjtk1d88D7GRghUOiDYdLgbVfBW5DFTJ5bmDWA%2F%2FQn7%2BGjfOnnJonkxYfKJ0NAUYmESIbbNs2z4ZohntfXj28HJ8ofBVh09Vk, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178084&Signature=l9VaaMtAu36gwPzacEQuEKIUtylRuocPeqapPjRJQlHLBAGzVaxtTG4tKKub3yjMoWmZ2pKMlpvNWm3hp0Fnvoj9c1RoQqis7Bza5ZkPbTWPic23pN64nADTtHu%2FpwsHeBc5e7ODzJiPCloc2E7y8Fc0OyaCv%2BRvL9Cp746CDgls39HfPWI4ukTSy5F2TsRUo36dz76PT%2FubK3HFHzUNnsFLj%2BZ8iif%2BgE9FpwabJT5WlgvUiqpqna6tcVHl, https://vtbehaviour.commondatastorage.googleapis.com/b5cbc5fb20fb38eeec1be1b9befddfb1fb4e74ebd6393c5a284600b4fd8edd72_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776178098&Signature=uIxrV8sFHqQAjkRjYKVDQ1S%2FeWLsS9K%2F9PqMGOdk9nETeHOFarhSPqnYVH3z5vORlVnlvKrk10heyaF9Ks%2BfMnudJoqDG6UjXULyT5HbpHKXvdQItgfeAH6ZSHI%2FRRvWIw%2BEJoYnPVIn3gczV1o5LnA5flIbFyXVb%2BwulQMPJnSdhvsQx7PFkAY%2Bukjs4CYlC%2FrL3k8ouSPhJezZgJX3oMBL%2Bgxl15NF20wkj3

`5a9a0a35f35a2e81f4bd7d91bacfde7d85ed19b4dfc46d8523c6d30e56cbcb86`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy