SHA256MediumSignal 18/100
8b0023248bc037631b26694f34d7bc8163e2d5f5919fe61f3dbc1354f87d6792
Location
Taiwan, Province of ChinaFirst Seen
Apr 7, 2025
Last Seen
Jun 7, 2025
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
18%
Signal Score
18 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
3 reports18% confidence
3
Source reports
18%
Confidence score
Category tags
aerospace & defenseanti-api hookingapacapac regionaptapt groupasiaasia-pacificattack vector: malwareautomotive manufacturingbankingbeaconbeacon communicationbotnetbrazilc domainc2 communicationchinachina-linkedchina-linked aptcivil servicescloser lookcobalt strikecobalt strike c2cobeacon ccobeacon frameworkcommand and controlcommunication technologiesconsumer goodscredential accesscredit card servicescyber espionagedata exfiltrationdata theftdefensedefense contractingdefense logisticsdefense systemsdefense technologydetect-debug-environmentdistributed attacksdistribution managementdll side-loadingdownload ipearth aluxelectronic health recordselectronics manufacturingenergyenergy distributionexeexecution guardrailsfilefile-hashfinancefinance and insurancefinancial servicesfinancial technologyfreight forwardinggeographic target: apacgodzilla webshellgovernment technologyhealth care and social assistancehealth information technologyhealthcare information systemshktlhospital managementidleindicatorindustrial automationindustrial iotindustrial productioninformation gatheringinformation technologyinfrastructure acquisitionreconnaissanceinventory managementit infrastructurelateral movementlatin americalatin america regionlogistics technologylong-sleepsmalmalaysiamalicious softwaremalwaremanufacturing technologymasqloadermedical servicesmilitary operationsmobile carriersmobile networksnational securityoil & gasoperating systempatient carepayment processingpedllperuphilippinespower generationpower systemsprocess injectionprocess manufacturingpublic administrationpublic infrastructurepublic policyquality controlrailload persistencerailsetter persistenceregulatory agenciesremote servicesrenewable energyresearchedretail tradeshipping servicessoftware developmentsouth americasupply chain managementt1003t1005t1016t1020t1021t1021.001t1027t1041t1047t1053.005t1055t1057t1059t1059.001t1059.003t1059.004t1069.001t1070.006t1071t1071.001t1078t1082t1083t1087t1095t1105t1110t1119t1189t1190t1204t1486t1496t1499.002t1499.003t1505.003t1547t1547.001t1565t1566t1569.002t1574.002t1587.001t1590.001taiwantelecom servicestelecommunicationsthailandthreat actor: china-linkedtransportation managementvargeitvargeit backdoorwarehouse operationswealth managementwin32 malwarewindows malware
Activity Timeline
Jun 7Jun 7
Threat Activity Heatmap
LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
0
Dormant
Threat ScoreLow Risk
18
SIGNAL
Signal Score
18%
Confidence
3
Reports
First seenApr 7, 2025
Last seenJun 7, 2025
VirusTotal
Not checked
WHOIS
- description
- PE32+ executable (DLL) (console) x86-64 (stripped to external PDB), for MS Windows
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 year ago · Last seen 1 year ago
Appeared in 3 threat reports