SHA1MediumSignal 40/100

`be34a8de75155165d36df04b0c406e2f6af7a66b`

First Seen

Apr 9, 2026

Last Seen

Apr 14, 2026

Apr 9

First Seen

68d ago

Apr 14

Last Seen

63d ago

Reports

source reports

40%

Confidence

medium

Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.

SHA-1 Hash

SHA-1 file hash associated with malicious samples.

MISP Category

Artifacts Dropped

Hash Algorithm

SHA1

Confidence

40%

Signal Score

40 / 100

IDS Rule

Threat Context

MITRE ATT&CK TTPs

15 techniques

Feed Intelligence Summary

2 reports40% confidence

Source reports

40%

Confidence score

Category tags

active scananalytics naasciiascii textattackbrute forcebusiness internet servicesbuttonchatclick-based attackclose logcode executioncode injectioncommand executioncontactcredential harvestingcredential stuffingcrlfcrlf linedefense evasionedit3iconerrorexecutable fileexploitation activityfile-hashfindgartnergdlnameget fiosgtmw2vn2cqguest systemhtml documenthtml pagehtmldivelementidentity & access exploitationindicatorinjection activityiot securityjava sourcejsonlearnlf linelte networkmac osmalicious activitymalicious linksmalwaremetadata analysismitre attacknetwork infonextoverview zenboxphishingphishing attackphone servicespng imagepng multimediaprocesses extraprogramransomwarereactresearchedrgbarotateccwiconsaveiconshopshop verizonshortcutitemsitesmallsocial engineeringsocial media securityspansupportt1055t1055 processt1059t1071t1082t1095t1204.001t1204.002t1497t1518t1560t1562t1566.001t1566.002t1566.003t1574tag managerthreat actortitletor nodeunicode textupgradeuser executionutc amazonutc aw2761768utc aw685973utc bingutc dc685973utc dc9849921utc g12r1dx1lx7utc googleutf8 textverdictverizonverizon businessverizon business accountverizon business phoneverizon business planverizon business serviceverizon for businessvoicexiconzip archive

Activity Timeline

1 total obs

Apr 14Apr 14

Threat Activity Heatmap

· Peak: 2026-04-14

Less

Mon

Wed

Fri

Jun

Jul

Aug

Sep

Oct

Nov

Dec

Jan

Feb

Mar

Apr

May

Jun

24h

Dormant

30d

Dormant

3mo

Minimal

Intelligence SummaryAI Generated

This Indicator of Compromise (IOC) represents a significant and potentially severe threat, necessitating immediate attention and response. With a threat score of 40.08 and no whitelist status, this SHA-1 hash is strongly indicative of a malicious file, likely associated with advanced attack methodologies. Its presence within an organizational environment could lead to substantial consequences, including unauthorized system access, data exfiltration, system compromise, and the deployment of furth…

Threat ScoreMedium Risk

SIGNAL

Signal Score

40%

Confidence

Reports

First seenApr 9, 2026

Last seenApr 14, 2026

VirusTotal

Not checked

WHOIS

description: A sample of flow-browser-main, an unauthorised version of the web browser, has been detected by researchers at the University of California, Los Angeles, and the National Security Agency (NSA). myvzw.com after an email on ending a #
references: https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739500&Signature=r1pLCgJf%2FQK8TvenCwXy9bnghFzjJ5QssdQSLP37SLv6EkA3WXuFUIvKrsXKokco7bMfQUy%2FArk8F6aP%2Bhaj16Jv7P%2FGB%2Blf7mPvs47VjwfBJRCP8AZLlWvO45%2BjC68v798csdJFPTP31O4yDOE3pXZ3EThm4nSrIwLPhTSPfi3cPlEh2wLSzcySW7BYLw%2BqCoawFCxeLUz7hIV0vC89Mlwi3DeS%2BEnWFF%2FsvT9lVJjdbLoJLEeO, https://vtbehaviour.commondatastorage.googleapis.com/087797e64cf016f13eac46473b4150d49c7eba564c894300f69bc643b059c980_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775739700&Signature=bOTo%2FxCpGDGOsIKJDZjBBhLZRg8UiOGi%2FvVr47Xpmh7tOh9dez7911bi%2F9SUdu4ATLhzRVog%2BdVP%2BUPwTuEfIdEcPuGRGVc1KOSP3fTQrKhRjF3x2dqykxVCH%2B1iqBmCgod%2B1uAdlraxqSOeOgst1l%2Bk250uXff4axktE%2BfGjeNDeGJao%2FfOMktqIL7zU8%2BIQYTObwelnnYx45FBSiXI1bWM4vhdgIX4cs2cT%2F, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737365&Signature=S%2B7RcHYjab1hbKlKwFfvUbDirFPJS1A2TJQ3bVIObMcON4PD9pRDvhMtYMCnEBrYsICi0UJCFW5eUDolL5Jlbngsc587kF36vvuhlkPprbkSOY1jOyDTpe3Qsb6jRFz3xwOfZc9S5QervoLnRKb%2FyGSyZE6ZK6TxzBrOPczPtZ7sLf9NfD6E%2B2gMRXaRjEqVwVITLG7YqCiiNuohFOuNlK3uNHFpIk53viKvBSAIqLtSklH9bHW4q1DX, https://www.verizon.com/business/, https://vtbehaviour.commondatastorage.googleapis.com/edb4c21d60daa44b3429e7ba9bfa342759ebef23c136c934f74aef145453ce19_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1775737710&Signature=fbsokraSd7lsYmUfaTEl8Phs2K3hp7AtVmQU9axeEBcYmYbrrYrrfpP5lPEQaE%2Fh3%2BEP9Rn8mD8D1haqQVXCN0VVlxJ4sddjWmyC5USsgBsvUb0%2F72h1WHDS2KXHlteZWE%2Bauckabain9D5kX501AnqFY38s77OIqO6SMOkQ%2BvXiDSSRK%2FZhbfradBnei3ZLHsXGxkoshTyvB0%2BC%2F8SiUzdVsqSjik0Bn2r%2BIlLpDQK90GlZTD0N

`be34a8de75155165d36df04b0c406e2f6af7a66b`

MITRE ATT&CK TTPs

Feed Intelligence Summary

Activity Timeline

Threat Activity Heatmap

VirusTotal

WHOIS

Export & API

IOC Journey

We value your privacy