IOC Radar
SHA256 · High · Verified · Signal 91/100

d9d9f4551c6e8d326921f8b830c61e938925ed4e473f79f5c5e36c1a87238aa8

First Seen: Feb 18, 2026 (134d ago)
Last Seen: Feb 25, 2026 (127d ago)
Reports: 4 source reports
Confidence: 91% (high)
Found in 4 reports. Confidence: high. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category: Artifacts Dropped
Hash Algorithm: SHA256
Confidence: 91%
Signal Score: 91 / 100
IDS Rule: No
Threat Context
MITRE ATT&CK TTPs

7 techniques

Feed Intelligence Summary

4 source reports · 91% confidence score
Category tags
abuse_ch_hash, bad reputation, botnet, botnet activity, command and control, data exfiltration, data store exposure, distributed attacks, executable file, exploitation activity, file-hash, indicator, injection activity, jameswt_wt, malicious software, malware, process injection, ps1, researched, sars-letter, t1055, t1071.001, t1486, t1496, t1499.002, t1499.003, t1565

Activity Timeline

1 total obs · Feb 25 to Feb 25

Threat Activity Heatmap

Peak: 2026-02-25
Recent activity: 24h: 0 (Dormant) · 7d: 0 (Dormant) · 30d: 0 (Dormant) · 3mo: 0 (Dormant)
Intelligence Summary (AI Generated)

This Indicator of Compromise (IOC), a SHA-256 hash with a high severity score of 90.665, represents a highly malicious artifact, likely a component of a sophisticated attack chain. Its detection within an organization's environment suggests an active or attempted compromise that could lead to severe consequences, including system compromise, extensive data loss, and significant operational disruption. The identified malware association, Win32.Dropper.Boxter, further emphasizes its potential to d…

Threat Score: 91 (High Risk)
Verified IOC

VirusTotal: Not checked

WHOIS

description: ASCII text, with CRLF line terminators

IOC Journey

high
First detected 4 months ago · Last seen 4 months ago
Appeared in 4 threat reports