SHA256LowSignal 18/100

`98b3d9d20e032f90aca49e9b116225d539ff6fbdb7e42c3c363f63896ac03d2a`

Location

Germany

First Seen

Jun 6, 2025

Last Seen

Apr 2, 2026

Jun 6

First Seen

371d ago

Apr 2

Last Seen

71d ago

Reports

source reports

18%

Confidence

low

Found in 2 reports. Confidence: low. · Confidence scores are heuristic. Verify before acting on results.

SHA-256 Hash

SHA-256 file hash — primary identifier for malware samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA256

Confidence

18%

Signal Score

18 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

27 techniques

Feed Intelligence Summary

2 reports18% confidence

Source reports

18%

Confidence score

Category tags

a-mo.net relatedaaaaacceptaccessacrongl integactive scanadaptmxadobe portableamazon rsaamazon-02application developmentas autonomousascii textasiaattackb documentb imagebazaarbodybrute forcecache entrycalls processcbe cnalphasslchrome cachecisco devicecisco umbrellacnamazon rsacnwe1 validitycode executioncode injectioncommand and controlcommand executioncommunication protocolcredential harvestingcredential stuffingcus cnamazoncus oamazoncus ogoogledevelopment methodologiesdevice managementdevopsdigital mediadns attackdocument formatdrive-by compromiseec oidecdsaencryptencryptionenterprise networkingentertainment technologyentryeuropeexecutable fileexpiry dateexploitation activityfile-hashfindfrancefuryg2 oglobalsigngategeckogeneral fullgermanygifgif imagehttp attackhttp scanneridentity & access exploitationimageindicatorinformation technologyinfrastructure acquisitionreconnaissanceinjection activityissuerit infrastructurejfifjoinjpeg imagejsonkey algorithmkey identifierkey infokhtmlknown-distributorlinux x8664loginm02 oamazonm03 validitymainmalicious activitymalicious linksmalwaremalware distributionmedia & entertainmentmedia distributionmultimedia productionmwdbnamenetifynetwork infrastructurenextnumberpasswordpdf documentphishingphishing attackphoenix nappng imageprebid frameworkpresent aprprimary requestprocess injectionproduct developmentprotocol h2public keyquality assurancerankransomwarerecord typeremote servicesresearch jobsresearchedresearchgateresource pathreverse dnsscript urlssecurity tlssingaporesizesize xfersocial engineeringsoftware architecturesoftware developmentsoftware engineeringsoftware testingssdeepstreaming servicessubject publicsystemt1021t1036t1055t1056t1057t1059t1071t1071.001t1078t1082t1140t1189t1190t1204t1204.001t1499.001t1499.002t1518t1566t1566.001t1566.002t1566.003t1566.004t1587.001t1590.001t1598t1608threat actortitletor nodetrustttl valuetype mimetypeumbrella rankunitedunited kingdomv3 serialvaluevalue aweb securityweb trafficwin32 malwarewindows malwarewindows sandboxx509v3 subject

Activity Timeline

1 total obs

Apr 2Apr 2

Threat Activity Heatmap

· Peak: 2026-04-02

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Threat ScoreLow Risk

SIGNAL

Signal Score

18%

Confidence

Reports

First seenJun 6, 2025

Last seenApr 2, 2026

VirusTotal

Not checked

WHOIS

description: Unknown #netify #parked #parkingcrews # AdaptMX Amazon-02

Export & API

STIX 2.1 Bundle

CSV Export

Permalink

IOC Journey

low

First detected 1 year ago · Last seen 2 months ago

Appeared in 2 threat reports