IOC Radar
SHA256 · Medium · Signal 100/100

88da2b1cee373d5f11949c1ade22af0badf16591a871978a9e02f70480e547b2

Location
Peru
First Seen
Oct 24, 2024 (595d ago)
Last Seen
Jun 6, 2026 (6d ago)
Reports
17 source reports
Confidence
99% (medium)
Found in 17 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
99%
Signal Score
100 / 100
IDS Rule
No
Threat Context

MITRE ATT&CK TTPs

32 techniques

Feed Intelligence Summary

17 source reports · 99% confidence score
Category tags
abuseabuse elevationaccess tokenactive scanaerospace & defenseakiraakira v2applied researchautomotive manufacturingbad reputationbotnetbotnet activitybrute forcec2calls-wmichacha8cicada3301codecode executioncode injectioncommand & controlcommand and controlcommand executioncredential accesscredential harvestingcredential stuffingcrimecrypto cybercryptocurrencycyber threatcyber threatsdarkwebdata encryptiondata exfiltrationdata store exposuredefencedefensedefense contractingdefense logisticsdefense systemsdefense technologydetect-debug-environmentdevelopment labsdistributed attacksdouble-extortionelectronics manufacturingencryptionesxiexeexecutable fileexploitexploitation activityextortionfile-hashfinancefinancial servicesftp brute forceg1024higher educationidentity & access exploitationindicatorindustrial automationindustrial iotindustrial productioninfosecinfrastructure acquisitionreconnaissanceinjection activityinnovation managementiot securitylinuxlinux esxilong-sleepsmalmalicious activity indicatorsmalicious linksmalicious softwaremalwaremanufacturing technologymegazordmilitary operationsmultiple protocolsnational securityoperating systemosintpeexeperuphishingphishing attackprocess injectionprocess manufacturingproduct developmentprofessional servicespullquality controlr&d strategyransomransomexxransomwareremote accessremote servicesresearchresearch & developmentresearch methodologyresearchedrustscientific researchserviceshadowrootsocial engineeringsouth americassh attacksupply chain attacksupply chain managementsystem disruptiont1021t1021.001t1041t1055t1059t1069.001t1071t1071.001t1076t1078t1105t1110t1110.002t1134t1204.001t1486t1490t1496t1499.001t1499.002t1499.003t1548t1563t1565t1566.001t1566.002t1566.003t1573t1587.001t1589t1590.001t1595technology researchthreat actortimetor nodeveeamvmware esxivulnerability scanweb securitywin32 malwarewindowswindows malwarewinscp

Activity Timeline

1 total obs · Jun 6

Threat Activity Heatmap

[Heatmap: activity by weekday (Mon, Wed, Fri labelled) over the months Jun to Jun; legend Less to More] · Peak: 2026-06-06
24h
0 (Dormant)
7d
1 (Minimal)
30d
1 (Minimal)
3mo
1 (Minimal)
Threat Score
High Risk
Signal Score
100
Confidence
99%
Reports
17
First seen
Oct 24, 2024
Last seen
Jun 6, 2026

VirusTotal

Not checked

WHOIS

description
PE32+ executable (GUI) x86-64, for MS Windows
references
https://blog.talosintelligence.com/akira-ransomware-continues-to-evolve/
Aug1.pdf
https://threatfox.abuse.ch/export/csv/recent/
https://bazaar.abuse.ch/export/csv/recent/
https://www.bitdefender.com/en-us/blog/businessinsights/akira-ransomware-a-shifting-force-in-the-raas-domain
https://www.virustotal.com/graph/embed/g9bec0ad29372434e856db80835a2da9c116ff5e3effb47a9b5c35c0d75932170?theme=dark
https://www.virustotal.com/gui/collection/37a0c6d74cd0109e266098da5551b302d25fbcb41d9f27ebf46b71a3bd43a6d7/iocs
https://darfe.es/ciberwiki/index.php?title=Akira_Stealer
https://github.com/TheRavenFile/Daily-Hunt/blob/main/Akira%20Ransomware
https://x.com/RakeshKrish12/status/1865285488896282641
https://labs.inquest.net/iocdb

IOC Journey

medium
First detected 1 year ago · Last seen 6 days ago
Appeared in 17 threat reports