SHA256MediumSignal 51/100
e8cd5bd412db71f56b1a19bcee18fefc804fc6e3d654b0098e3ebc636f4262d8
First Seen
Apr 16, 2026
Last Seen
Apr 23, 2026
Found in 3 reports. Confidence: medium. · Confidence scores are heuristic. Verify before acting on results.
SHA-256 Hash
SHA-256 file hash — primary identifier for malware samples.
MISP Category
Artifacts Dropped
Hash Algorithm
SHA256
Confidence
51%
Signal Score
51 / 100
IDS Rule
No
Threat Context
Tags
Feed Intelligence Summary
3 reports51% confidence
3
Source reports
51%
Confidence score
Category tags
ascii textexecutable fileexif standardextra infofile-hashhtml documentimageindicatorjfifjpeg imageknown-distributormitre attacknextpngpng imagepolyfoodprocessresearchedrgbatiff imagetor nodeunixwindow
Activity Timeline
Apr 23Apr 23
Threat Activity Heatmap
· Peak: 2026-04-23LessMore
Mon
Wed
Fri
24h
0
Dormant
7d
0
Dormant
30d
0
Dormant
3mo
1
Minimal
Intelligence SummaryAI Generated
This Indicator of Compromise (IOC), identified as a SHA-256 hash, signifies a critical threat to organizational security and demands immediate attention. With a threat score exceeding 50, its presence strongly suggests compromise by malicious software, specifically a Remote Access Trojan (RAT), capable of enabling unauthorized control over affected systems. The potential impact is severe, ranging from sensitive data exfiltration and intellectual property theft to system sabotage and the establis…
Threat ScoreMedium Risk
51
SIGNAL
Signal Score
51%
Confidence
3
Reports
First seenApr 16, 2026
Last seenApr 23, 2026
VirusTotal
Not checked
WHOIS
- description
- PNG image, 16 x 16, 8-bit/color RGBA, non-interlaced
- references
- https://vtbehaviour.commondatastorage.googleapis.com/f9edca986721a33330a9b3fd1393da7842e24e4bc13dfe66b85b2c6f30723b41_Zenbox.html?GoogleAccessId=758681729565-rc7fgq07icj8c9dm2gi34a4cckv235v1@developer.gserviceaccount.com&Expires=1776306209&Signature=5MPEhEYxNMBPPRE%2FOI%2BgEm%2FR3liZ7u6kC4rG%2F6ITa6jqlTK3R3FYvuTNQActsyeugCNPuRbVdsvGEL%2BeqplUEwkRTxc%2FJ%2Bg%2FN0cIwvsFvlLwu%2BNSxF9YCjgTEhJJS0023jrUmBoE8RsyEv54fnAHAzTw5%2Fq0GDR0VC45OABa5RaNz%2FJhd5m%2BaZbfJTgC9On1RFdwHfvFsfjM8mQ7h3S%2F57ARvTf006Jt4XQAI1frTytp
Export & API
STIX 2.1 Bundle
CSV Export
Permalink
IOC Journey
mediumFirst detected 2 months ago · Last seen 2 months ago
Appeared in 3 threat reports