SHA256MediumSignal 29/100

`66a3836b9a17771bce2161f6b73cbc2494a91e49d6aa30d2d53711e8d10de60d`

First Seen

Jun 4, 2026

Last Seen

Jun 7, 2026

Jun 4

First Seen

11d ago

Jun 7

Last Seen

7d ago

Reports

source reports

29%

Confidence

medium

Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

SHA-256 Hash

SHA-256 file hash — primary identifier for malware samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA256

Confidence

29%

Signal Score

29 / 100

IDS Rule

Threat Context

Feed Intelligence Summary

2 reports29% confidence

Source reports

29%

Confidence score

Category tags

atlas ratfile-hashfirst seenindicatorransomwarerar archiveresearchedromulusloadersilentrunloadersyncfuture zipzip archive

Activity Timeline

1 total obs

Jun 7Jun 7

Threat Activity Heatmap

· Peak: 2026-06-07

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Minimal

3mo

Minimal

Threat ScoreLow Risk

SIGNAL

Signal Score

29%

Confidence

Reports

First seenJun 4, 2026

Last seenJun 7, 2026

VirusTotal

Not checked

WHOIS

description: The Chinese-speaking cybercriminal ecosystem has grown dramatically in recent years. Many of the threats observed in the landscape are descendants of malware first used by Chinese espionage threat actors, namely Gh0stRAT and related payloads, and frequently targeted Chinese-speaking users. But as Chinese-speaking cybercriminals develop better capabilities in malware, social engineering, and global targeting, their footprint is expanding, and more actor clusters are emerging. In this report, we’ll dive into TA4922, a newly designated Chinese-speaking threat actor largely targeting East Asia.

`66a3836b9a17771bce2161f6b73cbc2494a91e49d6aa30d2d53711e8d10de60d`

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy