SHA256MediumSignal 91/100
ccc289355d97aa54bb5c50ef33bd1cd0cf9f38ec6bd7e6159b5f2d4c72e626b1
First Seen
Apr 17, 2026
Last Seen
Apr 17, 2026
Found in 2 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
91%
Signal Score
91 / 100
IDS Rule
No
Threat Context
Tags
MITRE ATT&CK
MITRE ATT&CK TTPs
Feed Intelligence Summary
2 reports91% confidence
2
Source reports
91%
Confidence score
Category tags
aslrattack networkbasiccalls processcodecommand lineextra infofile-hashfilesfiles cfull pathguest systemindicatorinfo processesintelms windowsmutexes nothingnextparent pidpe filepe32 executableread registryreaqtaregistry keysresearchedt1018t1056t1071t1082t1095t1105t1497t1518ultimate fileurlsutc8 networkwindows sandboxzenbox verdict
Activity Timeline
Apr 17Apr 17
Threat Activity Heatmap
· Peak: 2026-04-17LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Threat ScoreHigh Risk
91
SIGNAL
Signal Score
91%
Confidence
2
Reports
First seenApr 17, 2026
Last seenApr 17, 2026
VirusTotal
Not checked
WHOIS
- description
- hive
- references
- https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_ReaQta-Hive.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776404544&Signature=LCRNjms1qthotVXcKmffBD10Y7DKisr7k%2BlVYrTjCank6HB3%2ByH%2F1sAynrAczQNJMFvSCN5berXjisgbRQS12Ua0xWRr9S8WNELQIpaix5s1ZmT%2F20DZy3aPTFnkYjLEAbwCqct2rNETUFlznOBprz2NuaYDQTMU%2BBIuWQmPBconTM%2Bl3i3R2ijpm8NB74T2%2FHObuJDy9Q6nZLrypCtVXWXhM%2FFXBVbGbSnv8YuAN1knzyCy7, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_VenusEye%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776404740&Signature=UTWPNbGAoA9TgTHQiId%2B2IX5vXvrJW9JEMICUB8TIsjB%2F%2FqCyeDRc4kvJNYPqQxTrStjGw64eO9p5qPWO6VtkqSnCJfMhO67pVlA8pr2ftHKAGXBV5zwKVkKMUZEs45BhHkY1DLOe0o69EkrN5SlNTblrAVGT5Q6ZG54BbmLetpACp804v%2F9sfa7RgSTZBnItoA9xHcNnivoqRtyhreowE%2FTLFAXboIqs9cti95uwbKKhqzb, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776404830&Signature=xTx%2BpDgPVcC%2F9bas7r9zOD2cjhR8moW2kepUI6Dfmz5WrCrWqUpFCtn3pgbDYZqdfFa8HCluzOBpUA8ULheNBisUcHil3cplF57DdYR1C1d9uPgSqqOrjpYXoL3OtlzZFv8X00%2Ft7xwGwRgS9BohRtLi8EFvJTAJ7RC7EOm9FpG49dFxcnvjNDFSixUo2g9P0f4m0li3fkcR9onjdL2WmM1vSmAJBiaVxCMHhG8K49Ro3AwUrT9AV2uG9CnH%2Bu, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_CAPE%20Sandbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776404848&Signature=WmTL2fYm%2FkDYVa9Qo9Nz9RPF1sK%2BSfCJJtstGHcUos0pBsz0gehytubNXzwSckZACwulvt8Ye%2BDV3Q82C9WedSfmtisHhwbJuUC69xdfCcBiGcZjiEl%2FCDYoT5bQr16cZP7weWAn%2Beg8YFq4S5VWlVp3M7vNlHJSPy%2Bt4RNKiO6O5wHc74tX7b5Hvl08W9i%2F6vQ8iTmB0OFx21UK%2FG4wdLMIrBbhaxVD3zWi81iu0vgOU9, https://vtbehaviour.commondatastorage.googleapis.com/1af55649a731abb95d71e2e49693a7bcf87270eb4f8712b747f7e04a0a2a3031_VirusTotal%20Jujubox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776404928&Signature=tWjsWqqnoY%2FioSmCeqIaZY4021%2Bm6UFV%2BEiTdTHnMx6FcCgc4YRDjhGLoV24Vk%2Bq8%2Fz0qx1OAHNDq3adCrUxmP%2BTR0vYWjYEiuy%2F6hg7oSF9eiX%2BAEgRS7vQzZdiOy7%2BoKaLRFGet0HWmKoQkMYLyrY9Yu4k5mnQmOG4oecchl9baESpYfESVVfol0t7Xn%2FZCVd%2FH5gn%2BCysfY7lTC07sxIs0Cc6%2F%
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 1 month ago · Last seen 1 month ago
Appeared in 2 threat reports